ICAS 2013, The Ninth International Conference on Autonomic and Autonomous Systems


Development of Ontology Based Framework for Information Security Standards

Authors:
Partha Saha
Ambuj Mahanti
Binay Bhushan Chakraborty
Avinash Navlani

Keywords: Information Security; Compliance Auditing; Risk Management; Indian Banking Regulation.

Abstract:
E-Business Management and associated risk mitigation of organizational resources have become a major challenge for organizations in light of increasingly global and integrated digital economies. Our research focuses on information security in e-Business management. We consider, in particular, the domain of banking. The banking sector, being highly regulated, poses a plethora of challenges in terms of compliance of organizational practices with regulatory standards such as Basel III, CobiT 4.1 and ISO17799. An automated compliance auditing solution to the existing manual auditing is highly desirable from management’s standpoint due to considerable savings in cost and time. In this paper, we envisage a new paradigm where an ontology-based information model is used in an automated compliance auditing application. It performs compliance checking to verify whether actual banking practices follow information security standards and whether discrepancies between security standards and actual banking practices call for a qualified, adverse, disclaimer or piecemeal opinion by the information security auditor, while investigating the efficacy of information security standards employed in the banking domain.

Pages: 83 to 89

Copyright: Copyright (c) IARIA, 2013

Publication date: March 24, 2013

Published in: conference

ISSN: 2308-3913

ISBN: 978-1-61208-257-8

Location: Lisbon, Portugal

Dates: from March 24, 2013 to March 29, 2013