IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank

The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank
View Sample PDF
Author(s): Patrick S. Chen (Department of Information Management, Tatung University, Taipei, Taiwan), David C. Yen (School of Economics and Business, SUNY at Oneonta, Oneonta, NY, USA)and Shu-Chiung Lin (Department of Information Management, Tatung University, Taipei, Taiwan)
Copyright: 2015
Volume: 23
Issue: 4
Pages: 29
Source title: Journal of Global Information Management (JGIM)
Editor(s)-in-Chief: Zuopeng (Justin) Zhang (University of North Florida, USA)
DOI: 10.4018/JGIM.2015100102

Purchase

View The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank on the publisher's website for pricing and purchasing information.

Abstract

Many information systems' incidents result from inadequate protection of information assets. Assets classification and risks assessment procedures will no doubt help to identify the associated risks related to information systems for a better security control. In the banking industry, prior research and studies are rather lacking due to the nature of maintaining confidentiality. The purpose of this study is to develop an approach to classify information assets of financial institutions and also assess their corresponding risks. Delphi method was adopted and questionnaires based on the guidelines of the well-recognized standard of ISO/IEC 27001 were developed subsequently. A total of 99 information assets subject to security breaches are chosen for risks assessment and a panel of seven experts is invited to complete questionnaires. Consequently, a model for calculating the risk index is proposed according to an exponential scale ranging over 9 grades. The results reveal that three types of information assets exposed to a high level of risk warrant special protection. The experts also make some security enhancement suggestions for the assets with a risk grade ? 6. Aiming to enrich research literature on the risks assessment of information assets in the banking industry, the results of this study can provide a valuable reference for both academia and security practitioners.

Related Content

Peijin Li, Xiutong Yi, Chonghui Zhang, Tomas Baležentis. © 2024. 29 pages.
Hyundong Nam, Taewoo Nam, Songeun Kim. © 2024. 21 pages.
Hsiang-Lan Cheng, Chiew Mei Tan, Chao-Min Chiu, Hsin-Yi Huang, Yi-Chien Lee. © 2024. 39 pages.
Santosh Kumar Srivastava, Susmi Routray, Surajit Bag, Shivam Gupta, Justin Zuopeng Zhang. © 2024. 29 pages.
Lan Zhang, Yuwei Ye, Zixuan Meng, Ning Ma, Chia-Huei Wu. © 2024. 20 pages.
. © 2024.
Yongling Zhang, Huaqing Du, Tianyu Piao, Hongyu Shi, Sang-Bing (Jason) Tsai. © 2024. 26 pages.
Body Bottom