Institutional Repository

A gab analysis to compare best practice recommendations legal requirements when raising information security awareness amongst home users of online banking

UnisaIR/Manakin Repository

Show simple item record

dc.contributor.author Botha, Carla-Lee
dc.date.accessioned 2012-02-23T09:04:33Z
dc.date.available 2012-02-23T09:04:33Z
dc.date.issued 2011-06
dc.identifier.uri http://hdl.handle.net/10500/5457
dc.description.abstract South African home users of the Internet use the Internet to perform various everyday functions. These functions include, but are not limited to, online shopping, online gaming, social networking and online banking. Home users of online banking face multiple threats, such as phishing and social engineering. These threats come from hackers attempting to obtain confidential information, such as online banking authentication credentials, from home users. It is, thus, essential that home users of online banking be made aware of these threats, how to identify them and what countermeasures to implement to protect themselves from hackers. In this respect, information security awareness (ISA) programmes are an effective way of making the home users of online banking aware of both the threats they face and the countermeasures available to protect themselves from these threats. There are certain legal requirements with which South African banks have to comply when implementing ISA initiatives. Non-compliance or failure to demonstrate due care and due diligence should a security incident occur will result in financial penalties for the bank as well as possible brand damage and loss of customers. Banks implement international best practice recommendations in an effort to comply with legislation. These include recommendations for information security awareness. This research investigated both information security best practice recommendations and information security legal requirements for information security awareness. A selected list of information security best practices was investigated for best practice recommendations while a selected list of information security legislation was investigated for legal requirements imposed on South African banks. A gap analysis was performed on both these recommendations and requirements to determine whether the implementation of best practice recommendations resulted in compliance with legal requirements. The gap analysis found that the implementation of best practice recommendations does not result in compliance with legal requirements. Accordingly, the outcome of this research highlighted the importance of understanding the legal requirements and ensuring that adequate controls are in place with which to achieve compliance. en
dc.format.extent 1 online resource (viii, 152 leaves)
dc.language.iso en en
dc.subject Online banking en
dc.subject Information security en
dc.subject Gap analysis en
dc.subject.ddc 332.102854678
dc.subject.lcsh Banks and banking -- Computer network resources
dc.subject.lcsh Banks and banking -- Data processing
dc.subject.lcsh Investments -- Computer network resources
dc.subject.lcsh Investments -- Data processing
dc.title A gab analysis to compare best practice recommendations legal requirements when raising information security awareness amongst home users of online banking en
dc.type Dissertation en
dc.description.department Business Information systems
dc.description.degree Msc. (Information systems)


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search UnisaIR


Browse

My Account

Statistics