Regulation-based information security maturity assessment framework
The COVID-19 pandemic has spurred organizations to move up their digitalization timeline to cope with and address the challenges and emerging need for technology-enabled services, including the banking industry. However, the rapid shift in technology adoption also opened an avenue for threats as banks in...
Main Author: | |
---|---|
Format: | text |
Language: | English |
Published: | Animo Repository, 2022 |
Subjects: | |
Online Access: | https://animorepository.dlsu.edu.ph/etdm_comtech/2 |
Institution: | De La Salle University |
Language: | English |
id |
oai:animorepository.dlsu.edu.ph:etdm_comtech-1000 |
---|---|
record_format |
eprints |
spelling |
oai:animorepository.dlsu.edu.ph:etdm_comtech-1000 2022-07-22T08:04:54Z Regulation-based information security maturity assessment framework Baltasar, Jonas Jason T. 2022-01-01T08:00:00Z text application/pdf https://animorepository.dlsu.edu.ph/etdm_comtech/2 Computer Technology Master's Theses English Animo Repository Information storage and retrieval systems—Risk management Information Security |
institution |
De La Salle University |
building |
De La Salle University Library |
continent |
Asia |
country |
Philippines |
content_provider |
De La Salle University Library |
collection |
DLSU Institutional Repository |
language |
English |
topic |
Information storage and retrieval systems—Risk management Information Security |
spellingShingle |
Information storage and retrieval systems—Risk management Information Security Baltasar, Jonas Jason T. Regulation-based information security maturity assessment framework |
description |
The COVID-19 pandemic has spurred organizations to move up their digitalization timeline to cope with and address the challenges and emerging need for technology-enabled services, including the banking industry. However, the rapid shift in technology adoption also opened an avenue for threats as banks introduced new technologies coinciding with their security transformation initiatives. Equally, bank examiners face the same challenge in assessing and evaluating a bank's information security maturity, as they also experience the precipitous technology adaptations and implementations.
This capstone project proposes a regulation-based, standard, and objective approach for evaluating information security management maturity. The structured and comprehensive assessment framework addresses the varying perspectives and the confines of examiner experience in maturity assessments and information security. From a macro viewpoint, the results shall provide a banking sector maturity to contribute to the Bangko Sentral ng Pilipinas (BSP) regulation issuances, IT, and digital innovation initiatives.
The proposed framework is anchored by BSP Circular 982, which provides enhanced guidelines for information security management. Globally accepted standards and regulations of other jurisdictions were evaluated and synthesized during the framework design. The proposed framework was validated by experts with more than 50 years of collective experience. The evaluation covered five (5) thematic areas: Maturity Tiers, Activities/Tasks, Understandability, Ease of Use, and Applicability and Practicality.
Validation results found the proposed maturity assessment framework applicable and practical, easy to use, and easy to understand. In addition, recommendations were given on the maturity tiers and activities/tasks to help enhance the clarity and delineation amongst the tiers and activities/tasks. The experts unanimously affirmed that the proposed maturity assessment framework adequately covers the BSP Circular 982 objectives and is successfully integrated with globally accepted standards and maturity assessment frameworks. |
format |
text |
author |
Baltasar, Jonas Jason T. |
author_facet |
Baltasar, Jonas Jason T. |
author_sort |
Baltasar, Jonas Jason T. |
title |
Regulation-based information security maturity assessment framework |
title_short |
Regulation-based information security maturity assessment framework |
title_full |
Regulation-based information security maturity assessment framework |
title_fullStr |
Regulation-based information security maturity assessment framework |
title_full_unstemmed |
Regulation-based information security maturity assessment framework |
title_sort |
regulation-based information security maturity assessment framework |
publisher |
Animo Repository |
publishDate |
2022 |
url |
https://animorepository.dlsu.edu.ph/etdm_comtech/2 |
_version_ |
1740844656246128640 |