Enterprise Information Systems Security: A Case Study in the Banking Sector
Abstract
One important module of Enterprise Information System (EIS) is the development and implementation of the security component of EIS. Furthermore, this EIS Security structure needs to be monitored through the corporate governance of the firm. Based on a literature review and our previous work, we identified four key pillars of a model for EIS Security. These pillars are Security Policy (e.g., set rules for employee behavior), Security Awareness (e.g., continued education of employees), Access Control (e.g., access linked to employee job function), and Top Level Management Support (e.g., engrain information security into the company’s culture). We explore the relevance of this model using a case study approach by way of interviewing top-level information systems mangers in the banking sector. We validate the model through using key informant in-depth interviews and qualitative research methods.
Origin | Files produced by the author(s) |
---|