埃塞俄比亚银行信息系统安全的成熟度:以选定的私人银行为例

Tadele Shimels, Lemma F. Lessa
{"title":"埃塞俄比亚银行信息系统安全的成熟度:以选定的私人银行为例","authors":"Tadele Shimels, Lemma F. Lessa","doi":"10.1108/ijieom-10-2021-0014","DOIUrl":null,"url":null,"abstract":"PurposeInformation systems' security is more critical than ever before since security threats are rapidly growing. Before putting in place information systems' security measures, organizations are required to determine the maturity level of their information security governance. Literature review reveals that there is no recent study on information systems' security maturity level of banks in Ethiopia. This study thus seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators.Design/methodology/approachFour private banks are selected as a representative sample. The system security engineering capability maturity model (SSE-CMM) is used as the maturity measurement criteria, and the measurement was based on ISO/IEC 27001 information security control areas. The data for the study were gathered using a questionnaire.FindingsA total of 93 valid questionnaires were gathered from 110 participants in the study. Based on the SSE-CMM maturity model assessment criteria the private banking industry's current maturity level is level 2 (repeatable but intuitive). Institutions have a pattern that is repeated when completing information security operations but its existence was not thoroughly proven and institutional inconsistency still exists.Originality/valueThis study seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators. This topic has not been attempted previously in the context of Ethiopian financial sector.","PeriodicalId":268888,"journal":{"name":"International Journal of Industrial Engineering and Operations Management","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-01-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Maturity of information systems' security in Ethiopian banks: case of selected private banks\",\"authors\":\"Tadele Shimels, Lemma F. Lessa\",\"doi\":\"10.1108/ijieom-10-2021-0014\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"PurposeInformation systems' security is more critical than ever before since security threats are rapidly growing. Before putting in place information systems' security measures, organizations are required to determine the maturity level of their information security governance. Literature review reveals that there is no recent study on information systems' security maturity level of banks in Ethiopia. This study thus seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators.Design/methodology/approachFour private banks are selected as a representative sample. The system security engineering capability maturity model (SSE-CMM) is used as the maturity measurement criteria, and the measurement was based on ISO/IEC 27001 information security control areas. The data for the study were gathered using a questionnaire.FindingsA total of 93 valid questionnaires were gathered from 110 participants in the study. Based on the SSE-CMM maturity model assessment criteria the private banking industry's current maturity level is level 2 (repeatable but intuitive). Institutions have a pattern that is repeated when completing information security operations but its existence was not thoroughly proven and institutional inconsistency still exists.Originality/valueThis study seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators. This topic has not been attempted previously in the context of Ethiopian financial sector.\",\"PeriodicalId\":268888,\"journal\":{\"name\":\"International Journal of Industrial Engineering and Operations Management\",\"volume\":\"33 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-01-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Industrial Engineering and Operations Management\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1108/ijieom-10-2021-0014\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Industrial Engineering and Operations Management","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ijieom-10-2021-0014","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

由于安全威胁的快速增长,信息系统的安全比以往任何时候都更加重要。在实施信息系统的安全措施之前,组织需要确定其信息安全治理的成熟度级别。文献综述发现,目前尚无关于埃塞俄比亚银行信息系统安全成熟度水平的研究。因此,本研究旨在衡量现有的成熟度水平,并检查安全缺口,以提出埃塞俄比亚私人银行业信息系统安全成熟度指标可能发生的变化。设计/方法/方法选择四家私人银行作为代表性样本。采用系统安全工程能力成熟度模型(SSE-CMM)作为成熟度度量标准,度量基于ISO/IEC 27001信息安全控制领域。这项研究的数据是通过问卷调查收集的。研究共收集了110名参与者的93份有效问卷。基于SSE-CMM成熟度模型评估标准,私人银行业目前的成熟度等级为2级(可重复但直观)。机构在完成信息安全操作时存在重复的模式,但其存在并未得到彻底证实,并且机构不一致仍然存在。原创性/价值本研究旨在衡量现有的成熟度水平,并检查安全缺口,以提出埃塞俄比亚私人银行业信息系统安全成熟度指标可能发生的变化。这一主题以前没有在埃塞俄比亚金融部门的背景下进行过尝试。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Maturity of information systems' security in Ethiopian banks: case of selected private banks
PurposeInformation systems' security is more critical than ever before since security threats are rapidly growing. Before putting in place information systems' security measures, organizations are required to determine the maturity level of their information security governance. Literature review reveals that there is no recent study on information systems' security maturity level of banks in Ethiopia. This study thus seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators.Design/methodology/approachFour private banks are selected as a representative sample. The system security engineering capability maturity model (SSE-CMM) is used as the maturity measurement criteria, and the measurement was based on ISO/IEC 27001 information security control areas. The data for the study were gathered using a questionnaire.FindingsA total of 93 valid questionnaires were gathered from 110 participants in the study. Based on the SSE-CMM maturity model assessment criteria the private banking industry's current maturity level is level 2 (repeatable but intuitive). Institutions have a pattern that is repeated when completing information security operations but its existence was not thoroughly proven and institutional inconsistency still exists.Originality/valueThis study seeks to measure the existing maturity level and examine the security gaps in order to propose possible changes in Ethiopian private banking industry's information system security maturity indicators. This topic has not been attempted previously in the context of Ethiopian financial sector.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Exploring lean manufacturing drivers for enhancing circular economy performance in the pharmaceutical industry: a Bayesian best–worst approach Assessing the barriers to lean manufacturing adoption in the furniture industry of Bangladesh: a fuzzy-DEMATEL study Managing project intangible risk: socio-technical implications in a “projectified” world “Recover together, recover stronger”: an exploratory literature review on the recovery challenges of creative SMEs following the COVID-19 pandemic and proposed future recommendations Improvement of tensile strength of fused deposition modelling (FDM) part using artificial neural network and genetic algorithm techniques
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1