EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Architecture and infrastructure for governing information security in central banks

Kemal Hajdarevic (), Kemal Kozaric () and Jasmin Hadzigrahic ()
Additional contact information
Kemal Hajdarevic: Information Security Manager, Governor’s office, Central Bank of Bosnia and Herzegovina
Kemal Kozaric: Governor of the Central Bank of Bosnia and Herzegovina and a professor at the Faculty of Economics in Sarajevo
Jasmin Hadzigrahic: Senior Specialist for Applications Design and Maintenance, IT Department, Central Bank of Bosnia and Herzegovina

Journal of Central Banking Theory and Practice, 2012, vol. 1, issue 2, 5-17

Abstract: Everyday news reports reveal incidents and even largescale scandals in the business world related to improper information security handling. Despite available and existing relevant information security standards, incidents which could lead to real problems were not proactively prevented for numerous of reasons. One of the first and most important reasons was not implemented and observed relevant information security standards such as ISO 27001. This standard defines requirements for an organisation’s Information Security Management System (ISMS). Implementation of the ISMS is only the tip of the iceberg in managing information security since all system parts have to be well monitored and adjusted to prevent or minimize security risks. This process of monitoring and upgrading takes most of the resources dedicated to every ISMS. Standard such as ISO 27004:2009 which defines what has to be monitored also belongs to ISO 2700 series of standards. The ISO 27004:2009 standard does not define how measurement has to be done by using a specific kind of architecture and infrastructure for the Key Performance Indicator (KPI) measurement and monitoring. In this paper is presented holistic approach for implementing architecture and infrastructure to collect, analyse, and present information security KPIs, in order to achieve constant improvements of the ISMS. The same approach could be used for other business activities as well in central banks or other organisations.

Keywords: Information Security; KPI; measurement (search for similar items in EconPapers)
JEL-codes: O31 (search for similar items in EconPapers)
Date: 2012
References: View complete reference list from CitEc
Citations:

Downloads: (external link)
http://www.cbcg.me/repec/cbk/journl/vol1no2-1.pdf (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:cbk:journl:v:1:y:2012:i:2:p:5-17

Access Statistics for this article

More articles in Journal of Central Banking Theory and Practice from Central bank of Montenegro Contact information at EDIRC.
Bibliographic data for series maintained by ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:cbk:journl:v:1:y:2012:i:2:p:5-17