Data source: CROSBI

Risk Assessment of the Bank's Noncompliance with Payment Card Industry Data Security Standard (CROSBI ID 589724)

Conference contribution in a journal | original scientific paper | international peer review

Maček, Davor ; Magdalenić, Ivan ; Ivković, Nikola. Risk Assessment of the Bank's Noncompliance with Payment Card Industry Data Security Standard // Central European conference on information and intelligent systems / Hunjak, Tihomir ; Lovrenčić, Sandra ; Tomičić, Igor (eds.). 2012. pp. 305-311

Authorship details

Maček, Davor ; Magdalenić, Ivan ; Ivković, Nikola

English

Risk Assessment of the Bank's Noncompliance with Payment Card Industry Data Security Standard

This paper describes a methodology for finding potential risks of a bank's noncompliance with the mandatory security requirements of the Payment Card Industry Data Security Standard (PCI DSS) v2.0. For different types of information assets or security requirements, it is necessary to apply different methods of security risk assessment or different standards for the specific environment. In this paper, the PCI DSS security requirements are explained, the Analytic Hierarchy Process (AHP) technique is used as groundwork to decide which PCI requirements are the most critical, and the OCTAVE method is used for formal risk assessment of the most significant PCI requirement in case the requirement is not satisfied. Both the AHP technique and the OCTAVE method are applied to a real case scenario in the bank before conducting the PCI auditing process.

Risk assessment; information security; PCI DSS; compliance; AHP; OCTAVE; financial institution; bank


Contribution details

305-311.

2012.


published

Parent publication details

Central European conference on information and intelligent systems

Hunjak, Tihomir ; Lovrenčić, Sandra ; Tomičić, Igor

Varaždin: Fakultet organizacije i informatike Sveučilišta u Zagrebu

1847-2001

Conference details

Central European Conference on Information and Intelligent Systems

lecture

19.09.2012-21.09.2012

Croatia

Related fields

Electrical Engineering, Computing, Information and Communication Sciences