IT Security Management Implementation Model in Iranian Bank Industry
- سال انتشار: 1396
- محل انتشار: فصلنامه مدیریت فناوری اطلاعات، دوره: 9، شماره: 2
- کد COI اختصاصی: JR_JITM-9-2_011
- زبان مقاله: انگلیسی
- تعداد مشاهده: 320
نویسندگان
Ph.D. Candidate in IT, Allameh Tabatab’i University, Tehran, Iran
Associate Prof. in Industrial Management, Allameh Tabatab’i University, Tehran, Iran
Associate Prof. in Industrial Management, Allameh Tabatab’i University, Tehran, Iran
Prof. in Industrial Management, Allameh Tabatab’i University, Tehran, Iran
چکیده
According to the complexity and differences between Iranian banks and other developed countries the appropriate actions to implement effective security management of information technology have not been taken. The aim of this study was to create a powerful model by selecting the appropriate security controls to protect information assets in the bank. In this model, at first the principle set fort in ISO standard ۲۷۰۰۱, was extracted and then by further studies derived from best practices carried out in the world on the related subject from ۲۰۰۸ to ۲۰۱۶ using a qualitative descriptive method), points comply with information security management in the banking industry were added to it. With the study of Iranian banks in dealing with IT security management system and with help of action research tools, provisions which prevent the actual implementation of this standard was removed and finally a conceptual model with operating instructions and considering all the principles of information security management standard, as well as banking institutions focusing on the characteristics of Iran was proposed.کلیدواژه ها
Asset, Banking, Information security management system certification, ISO ۲۷۰۰۱ standardاطلاعات بیشتر در مورد COI
COI مخفف عبارت CIVILICA Object Identifier به معنی شناسه سیویلیکا برای اسناد است. COI کدی است که مطابق محل انتشار، به مقالات کنفرانسها و ژورنالهای داخل کشور به هنگام نمایه سازی بر روی پایگاه استنادی سیویلیکا اختصاص می یابد.
کد COI به مفهوم کد ملی اسناد نمایه شده در سیویلیکا است و کدی یکتا و ثابت است و به همین دلیل همواره قابلیت استناد و پیگیری دارد.