31-03-2014, 01:04 PM
The Application of AHP Model to Guide Decision Makers: A Case Study of E-Banking Security
AHP Model to Guide Decision.pdf (Size: 436.17 KB / Downloads: 11)
Abstract
Changes in technology have resulted in new ways for
bankers to deliver their services to costumers. Electronic
banking systems in various forms are the evidence of such
advancement. However, information security threats also
evolving along this trend. This paper proposes the application
of Analytic Hierarchy Process (AHP) methodology to guide
decision makers in banking industries to deal with information
security policy. The model is structured according aspects of
information security policy in conjunction with information
security elements. We found that cultural aspect is valued on
the top priority among other security aspects, while
confidentiality is considered as the most important factor in
terms of information security elements.
INTRODUCTION
Changes in technology have resulted in new ways for
bankers to deliver their services to costumers. Now, we are
witnessing rapid development in banking industries to enable
electronic payment through Internet as an example.
Although there have been significant advancement, the
main problem remains the same, security and privacy.
Banking industries play a significant role to ensure all
financial transactions in digital form are adequately secured
from any possible threats. However, there have been no
single technical solutions available to handle all security
issues in banking sector. It is even worsened if such security
issues are regarded only from technical perspectives as
confirmed in [1].
In the case of banking industries, better management of
information security has been realized as an important factor
to ensure safety of all financial transactions. Under IT
management umbrella, we found several terms such as
information technology governance, information security
management, and information systems audit. In order to
fulfill the requirements, banking industries follow several
international standards to comply with, such as COBIT and
ISO 27001.
ANALYTIC HIERARCHY PROCESS
Analytic Hierarchy Process (AHP) is originally
introduced by Saaty in [4] as a excellent MCDM (multi
criteria decision making) tool which was acknowledged by
many researchers as can be seen in [8].
One of the main advantages of Saaty’s AHP is it’s
simplicity compare toprevious decision support methods. It
also enables qualitative and quantitative into the same
decision making methodology by giving a basis for eliciting,
discussing, recording, and evaluating the elements of a
decision. It uses hierarchal way with goals, sub goals or
factors and alternatives.
The structure will be then translated into a series of
questions of the general form, ‘How important is criterion A
relative to criterion B?’. The input to AHP models is the
decision maker’s answers to a series of questions is then
termed pairwise comparisons. Questions of this type may be
used to establish, within AHP, both weights for criteria and
performance scores for options on the different criteria.
CONCLUSION
Analytic Hierarchy Process can be used to help decision
makers in banking sector analyzing information security
policy from macro level perspective. This study justifies that
the application of AHP method in information security is
reasonable and it provides a robust and encompassing
treatment for decision makers in both qualitative and
quantitative ways.
From information security aspect perspective, the top
priority is cultural aspect then followed by economy,
management and technology respectively. Then, in terms of
information security element.