Reference Hub

This research has been cited in:

Conference
Information Asset Classification and Labelling Model Using Fuzzy Approach for Effective Security Risk Assessment2020 International Conference in Mathematics, Computer Engineering and Computer Science (ICMCECS)10.1109/ICMCECS47690.2020.240911
Chapter
Risk in Digital AssetsRisk Analysis for the Digital Age10.1007/978-3-031-18100-9_3
Article
A data classification method based on particle swarm optimisation and kernel function extreme learning machineEnterprise Information Systems10.1080/17517575.2021.1913764
Article
End-User Perceptions on Information SecurityJournal of Global Information Management10.4018/JGIM.293290

The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank

Patrick S. Chen, David C. Yen, Shu-Chiung Lin

Source Title: Journal of Global Information Management (JGIM)23(4)

ISSN: 1062-7375|EISSN: 1533-7995|EISBN13: 9781466675445|DOI: 10.4018/JGIM.2015100102

Cite Article Cite Article

MLA

Chen, Patrick S., et al. "The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank." JGIM vol.23, no.4 2015: pp.26-54. http://doi.org/10.4018/JGIM.2015100102

APA

Chen, P. S., Yen, D. C., & Lin, S. (2015). The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank. Journal of Global Information Management (JGIM), 23(4), 26-54. http://doi.org/10.4018/JGIM.2015100102

Chicago

Chen, Patrick S., David C. Yen, and Shu-Chiung Lin. "The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank," Journal of Global Information Management (JGIM) 23, no.4: 26-54. http://doi.org/10.4018/JGIM.2015100102

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

Many information systems' incidents result from inadequate protection of information assets. Assets classification and risks assessment procedures will no doubt help to identify the associated risks related to information systems for a better security control. In the banking industry, prior research and studies are rather lacking due to the nature of maintaining confidentiality. The purpose of this study is to develop an approach to classify information assets of financial institutions and also assess their corresponding risks. Delphi method was adopted and questionnaires based on the guidelines of the well-recognized standard of ISO/IEC 27001 were developed subsequently. A total of 99 information assets subject to security breaches are chosen for risks assessment and a panel of seven experts is invited to complete questionnaires. Consequently, a model for calculating the risk index is proposed according to an exponential scale ranging over 9 grades. The results reveal that three types of information assets exposed to a high level of risk warrant special protection. The experts also make some security enhancement suggestions for the assets with a risk grade ? 6. Aiming to enrich research literature on the risks assessment of information assets in the banking industry, the results of this study can provide a valuable reference for both academia and security practitioners.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

The Classification of Information Assets and Risk Assessment: An Exploratory Study using the Case of C-Bank

MLA

APA

Chicago

Export Reference

Abstract

Request Access