Risk Assessment of the Bank's Noncompliance with Payment Card Industry Data Security Standard (CROSBI ID 589724)
Prilog sa skupa u časopisu | izvorni znanstveni rad | međunarodna recenzija
Podaci o odgovornosti
Maček, Davor ; Magdalenić, Ivan ; Ivković, Nikola
engleski
Risk Assessment of the Bank's Noncompliance with Payment Card Industry Data Security Standard
This paper describes methodology of finding potential risks of bank's noncompliance with Payment Card Industry Data Security Standard (PCI DSS) v2.0 mandatory security requirements. For different types of information assets or security requirements it is necessary to apply different methods of security risk assessment or different standards for specific environment. In this paper, PCI DSS security requirements are explained, Analytic Hierarchy Process (AHP) technique is used as a groundwork to decide which PCI requirements are the most critical and the OCTAVE method is used for formal risk assessment of the most significant PCI requirement in case the requirement is not satisfied. Both, AHP technique and OCTAVE method are applied to a real case scenario in the bank before conducting PCI auditing process.
Risk assessment; information security; PCI DSS; compliance; AHP; OCTAVE; financial institution; bank
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
Podaci o prilogu
305-311.
2012.
nije evidentirano
objavljeno
Podaci o matičnoj publikaciji
Central European conference on information and intelligent systems
Hunjak, Tihomir ; Lovrenčić, Sandra ; Tomičić, Igor
Varaždin: Fakultet organizacije i informatike Sveučilišta u Zagrebu
1847-2001
Podaci o skupu
Central European Conference on Information and Intelligent Systems
predavanje
19.09.2012-21.09.2012
Hrvatska