A study on the information technology security review process in finance
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Hong, Y. | - |
dc.contributor.author | Kim, D. | - |
dc.date.available | 2019-04-10T10:15:35Z | - |
dc.date.created | 2018-04-17 | - |
dc.date.issued | 2015 | - |
dc.identifier.isbn | 9781450334617 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/32654 | - |
dc.description.abstract | It is better to adapt IT security review in all the system development. However, it is almost impossible to do this because of the cost problem. In this paper, we sorted the system by its character such as the data and investment size. This sorting can be used as a standard for adapting IT security review. Though it is necessary to review the security functions and requirement from the analysis · design level, this process is ignored in most of the system development. In the important system, this security review has been compulsory in Korean finance. Especially Financial supervisory service in Korea announced that all of financial companies have to review the IT security task whenever they do the IT system development on the base of compliance named 'Electronic finance supervisory rule'. Is it necessary to adapt the strong review process in every IT system? In this paper, we show this standard. For this, we sorted the IT system in 4 models and made the review process. This standard can play a role in deciding whether the very system development should get the strong security review or not. This trial is expected to help other financial companies make decisions whether the process of IT security review should be strong or not. This can save the cost by adapting the strong security review only in the important system development. © 2015 Copyright held by the owner/author(s). Publication rights licensed to ACM. | - |
dc.publisher | Association for Computing Machinery | - |
dc.relation.isPartOf | ACM International Conference Proceeding Series | - |
dc.title | A study on the information technology security review process in finance | - |
dc.type | Conference | - |
dc.identifier.doi | 10.1145/2781562.2781607 | - |
dc.type.rims | CONF | - |
dc.identifier.bibliographicCitation | 17th Annual International Conference on Electronic Commerce, ICEC 2015, v.03-05-August-2015 | - |
dc.description.journalClass | 2 | - |
dc.identifier.scopusid | 2-s2.0-84957818311 | - |
dc.citation.conferenceDate | 2015-08-03 | - |
dc.citation.title | 17th Annual International Conference on Electronic Commerce, ICEC 2015 | - |
dc.citation.volume | 03-05-August-2015 | - |
dc.contributor.affiliatedAuthor | Kim, D. | - |
dc.type.docType | Conference Paper | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Soongsil University Library 369 Sangdo-Ro, Dongjak-Gu, Seoul, Korea (06978)02-820-0733
COPYRIGHT ⓒ SOONGSIL UNIVERSITY, ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.