Protecting the security of banking information in accordance with international standards (ISO 17799) and the extent of its application in banks

Authors

  • Nizar Kazim Alkhankani

Keywords:

Banking information security

Abstract

Information and information technology has become the vital foundation for all business organizations and in various economic sectors, but at the financial and banking level, information and security are particularly important as a major focus in the development of banking, banking tools and On the information and information technology, which paved the way for a banking revolution based on the integrity of the banking operations, which made banking risk in all its aspects, which led the sector in this vital sector to focus on the security of the Banking information and the use of all programs, specifications and methods that ensure the security of banking information, Among the most important of these standards or specifications is (ISO 17799), which represented a quantum leap in the security of banking information, hence the problem of research due to the expansion of banking in Iraq after the events of 2003 and the opening of economic sectors to the world, including the banking sector, To follow the mechanisms of work and new tools makes it an evolution of its work to increase competitiveness, and among the most important obstacles faced by banks at the global level and the Arab in general and at the level of Iraqi banks is the confidentiality and security of banking information, while the research launched the following assumptions:
A. The Iraqi banks do not apply the international standards ISO 17799 to protect the security of their banking information.
B. Lebanese banks shall not apply the ISO 17799 international standards to protect the security of their banking information.
C. The Iraqi and Lebanese banks shall not vary in the application of ISO 17799 international standards to protect the security of their banking information

References

Alan Calder & Steve Watkins , IT GOVERNANCE A Manager’s Guide to Data Security and ISO27001/ISO 27002 , 4th edition, London and Philadelphia , British, 2008 .

Albrechtsen, Eriki , " A Qualitative Study of User’s View on Information Security", Computer & Security Journal, Vol. 26, NO. 4., 2007.

Arnason , Sigurjon Thor & Willett, Keith D. , How to Achieve 27001 Certification An Example of Applied Compliance Management, Taylor& Francis Group LLC. New York, USA, 2008.

Carlson , Tom, Information Security Management: Understanding ISO 17799 , International Network Services, October 2001 INS Whitepaper, CISSP , 2001 .

Eslami, Fatemeh & Fasanghari, Mahdi & Abdollahi, Ali, "Classification of IT Governance Tools for Selecting the Suitable One in an Enterprise", Iran Telecommunication Research Center (ITRC), 2008 .

Gheorghe ,Mirela, " Audit Methodology for IT Governance" , Informatics Economic, vol. 14, No. 1 , 2010 .

Guidelines for the Management of IT Security GMITS, " Concepts and models for managing and planning IT security, ISO/IEC JTCl/SC27",Part 1., 2001.

International Telecommunication Union, Cyber security guide for developing countries , 2009 .

Wiander, Timo, ISO/IEC 17799 Standard’s Intended Usage and Actual Use by the Practitioners , 18th Australasian Conference on Information Systems , Dec. 2007 .

SANS Institute Security Consensus Operational Readiness Evaluation : SANS Audit Check List , Information Security Management : BS ISO/ IEC 17799:2005 and (BS ISO/ IEC 27001:2005) , 2006 .

Solms, S. H. & Solms, R. Von, "Information Security Governance", Springer Science‏Business Media, New York, USA, 2009 .

Koskosas, Ioannis & Kakoulidis, Konstantinos & Siomos, Christos, "Information Security: Corporate Culture and Organizational Commitment", International Journal of Humanities and Social Science, Vol. 1, No. 3 , 2011.

Kritzinger, E & Strous, L , " Information Security: a Corporate Governance Issue ", 2003 .

Poole, Vernon, "Why Information Security Governance is Critical to Wider Corporate Governance Demands :A European Perspective", Journal Online, www.isaca.org., 2006 .

Sarker, Saonee & Valacich, Joseph & Sarkar, Suprateek, "Virtual Team Trust: Instrument Development and Validation in an IS Educational Environment", Information Resources Management Journal, Vol. 16, No.2., 2003 .

www.sapphire.net , The Principles of ISO 27001 : including differences from BS7799: 2000 , 2007 .

Published

2024-10-31

How to Cite

نزار كاظم الخيكاني. (2024). Protecting the security of banking information in accordance with international standards (ISO 17799) and the extent of its application in banks. Iraqi Journal for Administrative Sciences, 13(54), 150–128. Retrieved from https://mail.journals.uokerbala.edu.iq:8443/index.php/ijas/article/view/2557