As organizations become increasingly dependent on their telematics sys
tems, they become more vulnerable to interruptions and breakdowns of t
hese systems. Most organizations only realize this dependency, and the
exact nature of their vulnerability, once the telematics systems are
in place. This often results in the ad hoc addition of safeguards, whi
ch causes operational problems. The most important cause of this pheno
menon is the fact that information security requirements were never an
issue during the design of most systems. In this paper we propose tha
t requirements for information security should be integrated in the de
sign process in an early phase. The benefit of this is that informatio
n security will become an integral part of the system. We present an a
pproach that addresses the issue of security requirements in all stage
s of the design process. For each stage we discuss how these informati
on security requirements can be embedded in that stage.