Information security risk items and management practices for mobile payment using non-financial-institution service providers: An exploratory study

被引:0
|
作者
Huang, Shaio-Yan [1 ]
Wang, Tawei [2 ,4 ]
Huang, Yu -Ting [3 ]
Yeh, Tzu-Ning [1 ]
机构
[1] Natl Chung Cheng Univ, Dept Accounting & Informat Technol, Chiayi, Taiwan
[2] Depaul Univ, Sch Accountancy & MIS, Chicago, IL 60604 USA
[3] Chihlee Univ Technol, Dept Accounting & Informat, Taipei, Taiwan
[4] DePaul Univ, Sch Accountancy & MIS, 1 East Jackson Blvd,DePaul Ctr Suite 1 6000, Chicago, IL 60604 USA
来源
INTERNATIONAL JOURNAL OF ACCOUNTING INFORMATION SYSTEMS | 2024年 / 53卷
关键词
Non-financial institutions; Mobile payment; Information security; Internal control; COBIT; 2019; TECHNOLOGY; GOVERNANCE;
D O I
10.1016/j.accinf.2024.100684
中图分类号
F [经济];
学科分类号
02 ;
摘要
Mobile payment has become increasingly popular in recent years. However, concerns remain about the information security risk management practices implemented by non-financialinstitution mobile payment service providers, such as mobile phone carriers and technology companies, using tokenization systems and encryption mechanisms. Using the modified Delphi method and building on the COBIT 2019 framework, this study explores and suggests how these non-financial-institution mobile payment service providers can consider a more holistic list of information security risk items and their corresponding management practices. We believe the proposed practices will help non-financial-institution mobile payment service providers focus on the valuable aspects of information security risks.
引用
收藏
页数:16
相关论文
共 8 条
  • [1] Information security service in financial institute - A risk quantification management perspective
    Wang, Liping
    Lao, Guoling
    [J]. PROCEEDINGS OF THE 2007 CONFERENCE ON SYSTEMS SCIENCE, MANAGEMENT SCIENCE AND SYSTEM DYNAMICS: SUSTAINABLE DEVELOPMENT AND COMPLEX SYSTEMS, VOLS 1-10, 2007, : 2119 - 2124
  • [2] The role of risk management practices in IT service procurement: A case study from the financial services industry
    Harju, Aleksi
    Schaefer, Kati
    Hallikas, Jukka
    Kahkonen, Anni-Kaisa
    [J]. JOURNAL OF PURCHASING AND SUPPLY MANAGEMENT, 2024, 30 (02)
  • [3] Three-factor model of Enterprise Risk Management implementation: exploratory study of non-financial companies
    Ivana Dvorski Lacković
    Nataša Kurnoga
    Danijela Miloš Sprčić
    [J]. Risk Management, 2022, 24 : 101 - 122
  • [4] Three-factor model of Enterprise Risk Management implementation: exploratory study of non-financial companies
    Lackovic, Ivana Dvorski
    Kurnoga, Natasa
    Sprcic, Danijela Milos
    [J]. RISK MANAGEMENT-AN INTERNATIONAL JOURNAL, 2022, 24 (02): : 101 - 122
  • [5] Security-Aware Information Classifications Using Supervised Learning for Cloud-Based Cyber Risk Management in Financial Big Data
    Gai, Keke
    Qiu, Meikang
    Elnagdy, Sam Adam
    [J]. 2016 IEEE 2ND INTERNATIONAL CONFERENCE ON BIG DATA SECURITY ON CLOUD (BIGDATASECURITY), IEEE INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE AND SMART COMPUTING (HPSC), AND IEEE INTERNATIONAL CONFERENCE ON INTELLIGENT DATA AND SECURITY (IDS), 2016, : 197 - 202
  • [6] Information Model Design as Model-Driven for Service Oriented Architecture (SOA) Implementation in PK-BLU Institution Using SOA Ontology Case Study: Financial Administration Bureau Padjadjaran University
    Nurhasan, Yoseph Ismail
    Dabarsyah, Ir. Budiman
    Fakhrurroja, Hanif
    Si, S.
    [J]. 2013 INTERNATIONAL CONFERENCE ON ICT FOR SMART SOCIETY (ICISS): THINK ECOSYSTEM ACT CONVERGENCE, 2013, : 222 - 230
  • [7] Identification of Undetected Dementia and Hypoglycemic Risk Using the Dementia Assessment Sheet for Community-Based Integrated Care System 21-Items in the Glycohemoglobin-Guided Management of Elderly Individuals with Diabetes: An Exploratory Study
    Yasuda, Takuma
    Murakami, Takaaki
    Ueba, Yoko
    Fujita, Haruka
    Fujimura, Masaki
    Hatoko, Tomonobu
    Kanai, Yugo
    Mori, Eisaku
    Yonemitsu, Shin
    Oki, Shogo
    Muro, Seiji
    [J]. INTERNATIONAL JOURNAL OF GERONTOLOGY, 2020, 14 (03) : 207 - 211
  • [8] Design of Information Security Risk Management Using ISO/IFC 27005 and NIST SP 800-30 Revision 1: A Case Study at Communication Data Applications of XYZ Institute
    Putra, Fandi
    Setiawan, Hermawan
    Pradana, Anggi
    [J]. 2017 4TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY SYSTEMS AND INNOVATION (ICITSI), 2017, : 251 - 256
1