Regulation-based information security maturity assessment framework

The COVID-19 pandemic has spurred organizations to move up their digitalization timeline to cope and address the challenges and emerging need for technology-enabled services, including the banking industry. However, the rapid shift in technology adoption also opened an avenue for threats as banks in...

Bibliographic Details
Main Author: Baltasar, Jonas Jason T.
Format: text
Language: English
Published: Animo Repository 2022
Subjects:
Online Access: https://animorepository.dlsu.edu.ph/etdm_comtech/2
Institution: De La Salle University
id oai:animorepository.dlsu.edu.ph:etdm_comtech-1000
record_format eprints
building De La Salle University Library
continent Asia
country Philippines
content_provider De La Salle University Library
collection DLSU Institutional Repository
topic Information storage and retrieval systems—Risk management
Information Security
description The COVID-19 pandemic has spurred organizations, including the banking industry, to move up their digitalization timeline to cope with and address the challenges and emerging need for technology-enabled services. However, the rapid shift in technology adoption also opened an avenue for threats as banks introduced new technologies coinciding with their security transformation initiatives. Equally, bank examiners face the same challenge in assessing and evaluating the Bank’s information security maturity as they also experience the precipitous technology adaptions and implementations. This capstone project proposes a regulation-based standard and objective approach for evaluating information security management maturity. The structured and comprehensive assessment framework addresses the varying perspectives and examiner experience confines in maturity assessments and information security. From a macro viewpoint, the results shall provide a banking sector maturity to contribute to the Bangko Sentral ng Pilipinas (BSP) regulation issuances, IT, and digital innovation initiatives. The proposed framework is anchored by BSP Circular 982, which provides enhanced guidelines for information security management. Globally accepted standards and regulations of other jurisdictions were evaluated and synthesized during the framework design. The proposed framework was validated by experts with more than 50 years of collective experience. The evaluation covered five (5) thematic areas: Maturity Tiers, Activities/Tasks, Understandability, Ease of Use, and Applicability and Practicality. Validation results found the proposed maturity assessment framework applicable and practical, easy to use, and easy to understand. In addition, recommendations were given on the maturity tiers and activities/tasks to help enhance the clarity and delineation amongst the tiers and activities/tasks. The experts unanimously affirmed that the proposed maturity assessment framework adequately covers the BSP Circular 982 objectives and is successfully integrated with globally accepted standards and maturity assessment frameworks.