Skip navigation
st. Mary's University Institutional Repository St. Mary's University Institutional Repository

Please use this identifier to cite or link to this item: http://hdl.handle.net/123456789/5183
Title: Cyber Security Auditing Framework (CSAF) For Banking Sector in Ethiopia
Authors: Asfaw, Tesfaye
Keywords: Cyber Security, Cyber Security Auditing
Cyber Security Auditing Framework, Security
Threats, and Security controls
Issue Date: Jul-2018
Publisher: st.mary's University
Abstract: The advancement of cyber security and technology offers a vital benefit for business. Modern Banking increasingly relies on the Internet and computer technologies to operate their businesses and market interactions. Banks are on the way of using up-to-date technologies to increase efficiency and effectiveness in service delivery. However, these benefits do not come without risks for information being misused, service disrupted or any other attacks interrupting the normal operation of computer based cyber systems. The threats and security breaches are highly increasing in recent years globally. Ethiopian case is not an exception. The main objective of this study is to propose and develop a workable Cyber Security Auditing Framework (CSAF) in banking sector. In this work, attempts were made to examine and compare the available cyber security frameworks and best practices. This research combines ISO audit checklists and expert experiences to assess the cyber security system practices in the banking industry. By applying a mixed research method approach the study assesses the existing practices, process and challenges of the selected banks cyber security issues and proposed cyber security audit framework which is workable for the Ethiopian banking industry. The framework is constructed from two basic pillars. The first is the requirement identification mechanism which is further broken into ERM (Entity Relation Model) and organizational & process models. The second one is the counter measure which focuses on the organizational policy, procedure, guideline, and controls. Finally, the researchers proposed a workable framework that can assist the industry from cyber-attacks. The framework has both practical and theoretical contributions to the industry at large and for researchers for further similar efforts.
URI: .
http://hdl.handle.net/123456789/5183
Appears in Collections:Master of computer science

Files in This Item:
File Description SizeFormat 
Final thesis document.pdf2.46 MBAdobe PDFView/Open
Show full item record


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.