Please use this identifier to cite or link to this item:
|Title:||Development of Ontology Based Framework for Information Security Standards|
Indian Banking Regulation .
ICAS-The Ninth International Conference on Autonomic and Autonomous Systems
|Series/Report no.:||24-29 March|
|Abstract:||E-Business Management and associated risk mitigation of organizational resources have become a major challenge for the organizations in light of increasingly global and integrated digital economies. Our research focuses on information security in e-Business management. We consider, in particular, the domain of banking. The banking sector, being highly regulated, poses plethora of challenges in terms of compliance of organizational practices with regulatory standards such as Basel III, CobiT 4.1 and ISO17799. An automated compliance auditing solution to the existing manual auditing is highly desirable from management’s standpoint due to considerable savings in cost and time. In this paper, we envisage a new paradigm where ontology based information model is used in an automated compliance auditing application. It performs compliance checking to verify if actual banking practices are following information security standards and whether discrepancies between security standards and actual banking practices call for qualified, adverse, disclaimer or piecemeal opinion by the information security auditor, while investigating efficacy of information security standards employed in banking domain.|
|Description:||Mahanti Ambuj, Department of Management Information Systems, Indian Institute of Management Calcutta, Kolkata; Partha Saha, MIS Group, Indian Institute of Management Calcutta; B.B. Chakrabarty, Finance and Control Group, Indian Institute of Management Calcutta; Avinash Navlani , MIS Group, Indian Institute of Management Calcutta|
|Appears in Collections:||Management Information Systems|
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.