Development of Metamodel on Information Security Risk Audit and Assessment for IT Assets in Commercial Bank

Authors

  • Chen Kaiwen Clement Faculty of Computing, Universiti Teknologi Malaysia, 81310 UTM Johor Bahru, Johor, Malaysia
  • Siti Hajar Othman Faculty of Computing, Universiti Teknologi Malaysia, 81310 UTM Johor Bahru, Johor, Malaysia
  • Maheyzah Md Sirat Faculty of Computing, Universiti Teknologi Malaysia, 81310 UTM Johor Bahru, Johor, Malaysia

DOI:

https://doi.org/10.11113/ijic.v8n2.150

Keywords:

ISRAA, Metamodel, IT Asset, Commercial Bank

Abstract

Nowadays, most fortunes of the commercial banks today are linked with Information Technology (IT) assets they possess and the way they audit their organizations IT assets. As information assets become the heart of commercial banks, Information Security Risk Audit and Assessment (ISRAA) is increasingly involved in managing commercial banks information security risk situations. ISRAA is an activity that analysis, audit, mitigates, and monitors the risks associated with IT assets. A more comprehensive and tighter regulatory environment is expected through the improvement on the ISRAA with clearer and appropriately defines regulatory guideline. This research creates a unified view of ISRAA in the form of a metamodel that can be seen as a language for this domain. A metamodeling process is applied to ensure that the outcome metamodel is complete and consistent. The metamodel is validated and refined to serve as a representational layer to unify, facilitate and expedite access to ISRAA expertise.

Author Biography

Chen Kaiwen Clement, Faculty of Computing, Universiti Teknologi Malaysia, 81310 UTM Johor Bahru, Johor, Malaysia

Faculty of Computing

Downloads

Published

2018-05-31

How to Cite

Clement, C. K., Othman, S. H., & Md Sirat, M. (2018). Development of Metamodel on Information Security Risk Audit and Assessment for IT Assets in Commercial Bank. International Journal of Innovative Computing, 8(2). https://doi.org/10.11113/ijic.v8n2.150

Issue

Section

Computer Science