EVALUATING ISO STANDARDS APPLICATION OF SECURITY REQUIREMENTS OF E - BANKING IN SUDAN

This study aimed to measure the application of security requirements for e - banking, according to a series of ISO 27000 standards in Sudanese banks. The study is based on a set of hypotheses; planning for the creation and documentation of administrative and technical unique security requirements of the organization according to the standard documentation ISO 27001 affect the level of security and reduces risk", "implementation of administrative and technical unique security requirements of the organization according to the standard of practice ISO 27002 affect the level security and reduces risk", "setting and using measures to assess the implementation of the administrative and technical security requirements, according to the results of operations and stan dard measures ISO 27004 affect the level of security and reduces risk”, and "setting corrective and preventive actions for the administrative and technical security requirements that are based on the results of the auditing, affect the continuous improvem ent of information security management system and reduces risk". Data were collected from the managers of the technical departments of the surveyed banks. They were statistically tested. The study ended with different results; most important is that th e management of the administrative requirements for securing electronic systems in Sudanese banks is characterized by the following; stated according to the relative importance: security management, implementation and design, as well as risk assessment and re - assessment of awareness and responsibility. It is also proven that the management of the technical requirements for securing electronic systems in the Sudanese banks is excellent in resource security, physical security, network security and software s ecurity.