Title: An information system risk assessment model: a case study in online banking system

Authors: Sajjad Shokouhyar; Farhad Panahifar; Azadeh Karimisefat; Maryam Nezafatbakhsh

Addresses: Accounting and Management Faculty, Information Technology Management Department, Shahid Beheshti University, Iran ' Accounting and Management Faculty, Information Technology Management Department, Shahid Beheshti University, Iran ' Accounting and Management Faculty, Information Technology Management Department, Shahid Beheshti University, Iran ' Accounting and Management Faculty, Information Technology Management Department, Shahid Beheshti University, Iran

Abstract: Today, almost all bank affairs are automatic and all transactions, processing and money transfers are performed by applying information systems technologies. Moreover, to codify the strategies and making management decisions more effectively, banks rely on electronic information systems. The remarkable point is the security and the security risk management of information systems which the traditional point of view would not overcome its future challenge. This paper identified the relevant elements to the security risks of informational electronic banking systems based on previous research studies. The final weight of all elements was then determined by fuzzy analytic hierarchy process and Chung weighing method. After that, the final weights of all elements in three case studies from banking section have been calculated. Ultimately, elements securities of those banks were clarified by using Jaeger fuzzy classification. The results indicated that the vulnerability element has the most weight.

Keywords: risk management; information security; informative systems; fuzzy logic.

DOI: 10.1504/IJESDF.2018.089205

International Journal of Electronic Security and Digital Forensics, 2018 Vol.10 No.1, pp.39 - 60

Received: 09 Sep 2016
Accepted: 22 May 2017

Published online: 09 Jan 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article