Abstract
Banks have constantly been looking for channels as a means to lower operational costs and reach a greater market share. This opportunity has been achieved through electronic banking channels capable of offering services that add value to the business. However, the increasing reliance on Information Technology (IT) has caused an array of risks that need to be mitigated before they damage the system reputation and customer records. For this role, Information Technology Security Governance (ITSG) is implemented to protect the most valuable assets of an organization. In this paper, we describe the components of an e-banking environment, clarify congruent terminology used in achieving Information Security Governance (ISG) objectives and evaluate the most reputed ITSG approaches to help banks choose which approach best fits the e-banking environment.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tsiakis, T., Chatzipoulidis, A., Kargidis, T., Belidis, A. (2011). Information Technology Security Governance Approach Comparison in E-banking. In: Kim, Th., Adeli, H., Fang, Wc., Villalba, J.G., Arnett, K.P., Khan, M.K. (eds) Security Technology. SecTech 2011. Communications in Computer and Information Science, vol 259. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27189-2_8
DOI: https://doi.org/10.1007/978-3-642-27189-2_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27188-5
Online ISBN: 978-3-642-27189-2
eBook Packages: Computer Science (R0)