Outsourcing information security of financial organizations: main approaches and associated risks

  • Vodovatov Maxim Sergeevich Financial University under the Government of the Russian Federation
  • Pavel Vladimirovich Revenkov Financial University under the Government of the Russian Federation
Keywords: outsourcing, evaluation parameters, management, evaluation of services, recommendations, financial organizations

Abstract

The article covers important aspects of information security outsourcing in financial organizations. The importance of risk identification and development of Service Level Agreements (SLA) in the context of outsourcing is considered in detail, emphasizing the need for careful planning and consideration of specific requirements of financial organizations. The article highlights the key aspects of information security outsourcing. Particular attention is paid to the monitoring and control of the parameters of the evaluation of services, including monitoring procedures, notification, regular monitoring and storage of data for verification. The article also draws attention to the features of the Russian information security services market and the importance of adapting the outsourcing strategy to these features. The article provides valuable recommendations for financial organizations seeking to ensure reliable information security.

Date of submission of the article to the editor: 2023-09-11.

Date of receipt of the article after peer review: 2023-10-07.

Downloads

Download data is not yet available.

Author Biographies

Vodovatov Maxim Sergeevich, Financial University under the Government of the Russian Federation

2nd year master's student

Address: 4th Veshnyakovsky passage, 4, bldg. 2, Moscow, 109456, Russia

Pavel Vladimirovich Revenkov, Financial University under the Government of the Russian Federation

Doctor of Economics, Associate Professor, Professor of the Department of Information Security

Address: 4th Veshnyakovsky passage, 4, bldg. 2, Moscow, 109456, Russia

ORCID: 0000-0002-0354-0665

E-mail: PVRevenkov@fa.ru

References

Стандарт Банка России СТО БР ИББС 1.4-2018 Обеспечение информационной безопасности организаций банковской системы Российской Федерации. Управление риском нарушения информационной безопасности при аутсорсинге. Дата введения: 2018-07-01 Издание официальное. Москва, 2018. URL: https://www.cbr.ru/statichtml/file/59420/st-14-18.pdf.

Аникин Б.А., Рудая И.Л. Аутсорсинг и аутстаффинг: высокие технологии менеджмента: учебное пособие / Б.А. Аникин, И.Л. Рудая. — 4-е изд., испр. и доп. — Москва: ИНФРА-М, 2022. – 313 с. – ISBN 978-5-16-016979-8.

Канашевский В.А. Банковская тайна и использование банками услуг аутсорсинга информационной безопасности / В. А. Канашевский // Lex Russica (Русский закон). – 2018. – № 7(140). – С. 92-97. – DOI 10.17803/1729-5920.2018.140.7.092-097. – EDN XULFVZ. – ISSN 1729-5920 (Print). – ISSN 2686-7869 (Online).

Неизвестный С.И. Риски аутсорсинга и привлечения подрядчиков к внедрению системы информационной безопасности / С.И. Неизвестный // Информационная безопасность: вчера, сегодня, завтра: Сборник статей по материалам VI Всероссийской научно-практической конференции, Москва, 12 апреля 2023 года. – Москва: Российский государственный гуманитарный университет, 2023. – С. 43-46. – EDN QFIYTV. – ISBN: 978-5-7281-3105-2.

Ревенков П.В. Кибербезопасность в условиях электронного банкинга / Практическое пособие под ред. П.В. Ревенкова. М.: Прометей. 2020. – 522 с. – ISBN: 978-5-907244-61-0.

Ревенков, П.В., Чебарь, А.Г., Бердюгин, А.А. Источники киберрисков в условиях функционирования экосистем. В центре экономики. 2022;3(1):1-11. URL: https://vcec.ru/index.php/vcec/article/view/53. – ISSN 2713-2242.

Cezar Asunur, Cavusoglu Huseyin, Raghunathan, Srinivasan Outsourcing Information Security: Contracting Issues and Security Implications. Management Science. 2010;60(3): 638-657. DOI 10.1287/mnsc.2013.1763.

Jacques Touma Conventional versus Unconventional Outsourcing. American Journal of Industrial and Business Management. 2020;10(12);1812-1822. URL: https://www.scirp.org/journal/paperinformation.aspx?paperid=106052. DOI: 10.4236/ajibm.2020.1012112. ISSN 2164-5167. eISSN 2164-5175.

Jiangping Wan, Dan Wan, Hui Zhang Case Study on Business Risk Management for Software Outsourcing Service Provider with ISM. Technology and Investment. 2010;1(4):257-266. URL: https://www.scirp.org/journal/paperinformation.aspx?paperid=3213. DOI: 10.4236/ti.2010.14033. ISSN 2150-4059. eISSN 2150-4067

Teng Qian, Kouyate Boh Aisaata, Miao Miao Human Resource Outsourcing in Banking Sector: Case Study of UBA Bank-Guinea. Open Journal of Business and Management. 2019;7(1):245-262. URL: https://www.scirp.org/journal/paperinformation.aspx?paperid=89943. DOI: 10.4236/ojbm.2019.71017. ISSN 2329-3284. eISSN 2329-3292

Xinyuan Xi, Yingyu Xu, Hiroyushi Todo The Present Situation of IT Outsourcing and Countermeasure. Journal of Software Engineering and Applications. 2013;6(8):426-430. URL: https://www.scirp.org/journal/paperinformation.aspx?paperid=35254. DOI: 10.4236/jsea.2013.68052. ISSN 1945-3116. eISSN Online: 1945-3124.


Abstract views: 432
PDF Downloads: 244
Published
2023-11-21
How to Cite
Maxim Sergeevich, V., & Revenkov, P. V. (2023). Outsourcing information security of financial organizations: main approaches and associated risks. In the Center of Economy, 4(4), 122-130. Retrieved from https://www.vcec.ru/index.php/vcec/article/view/98
Section
Information technology in the economy