Third-Party Information Security: Generic Qualitative Inquiry in Banking and Financial Services - Journal of Financial Risk Management

JFRM > Vol.13 No.3, September 2024

Journal of Financial Risk Management

Volume 13, Issue 3 (September 2024)

ISSN Print: 2167-9533 ISSN Online: 2167-9541

Google-based Impact Factor: 1.92 Citations

Third-Party Information Security: Generic Qualitative Inquiry in Banking and Financial Services ()

XML

Download as PDF (Size: 1746KB) PP. 576-603

DOI: 10.4236/jfrm.2024.133027 74 Downloads 465 Views

Author(s)

Genemar Arthur Lazo

Affiliation(s)

College of Technology and Engineering, Westcliff University, Irvine, CA, USA.

ABSTRACT

Problem: Although IT security frameworks and solutions are available, banking and financial organizations encounter challenges in accepting security technology to secure the organization and its third-parties. Purpose: The purpose of the study is to explore implementation strategies for banking and financial IT third-party security solutions to determine impediments to full acceptance of available security tools related to access control and data protection. Method: The technique selected for this project is qualitative inquiry. Population: The project question was explored via interviews. The researcher used purposeful and convenience sampling methods to identify participants who work within the banking and financial services industry in the United States. Results: The researcher conducted a thematic analysis using the UTAUT framework applied to access controls, and data protection was completed during the review. The themes identified included the key factors for increasing the acceptance of security solutions for banking and financial services organizations and related third-parties for access controls and data protection: assessments, executive sponsorship, oversight of the implementation, requirements management, sufficient planning, and testing of technical solutions. Implications/Practical Uses: This project’s recommendations include assessments for third-parties, training, and scoping requirements. The researcher may propose increased communication, assessment methodologies, and tools for protecting data, services, and third-parties.

KEYWORDS

Banking, Financial Services, Information Security, Access Controls, Data Protection, APIs, Application Program Interfaces, Web Application Security, Third-Party, Supplier, Vendor, Security Assessments

Share and Cite:

Lazo, G. (2024) Third-Party Information Security: Generic Qualitative Inquiry in Banking and Financial Services. Journal of Financial Risk Management, 13, 576-603. doi: 10.4236/jfrm.2024.133027.

Cited by

No relevant information.

Journals Menu

Follow SCIRP

	customer@scirp.org
	+86 18163351462(WhatsApp)
	1655362766

	Paper Publishing WeChat

Journals Menu

Home

About SCIRP

Service

Policies