1 / 7

Technology Security Risk Management

Technology Security Risk Management. Technology Security Risks. 1. Data Confidentiality risk 2. System Integrity risk 3. System Availability risk 4. Customer & Transaction Authenticity risk 5. Customer Protection risk. 1. Data Confidentiality.

Download Presentation

Technology Security Risk Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Technology Security Risk Management

  2. Technology SecurityRisks • 1. Data Confidentiality risk • 2. System Integrity risk • 3. System Availability risk • 4. Customer & Transaction Authenticity risk • 5. Customer Protection risk

  3. 1. Data Confidentiality • 1. Protection of sensitive information from unauthorized eyes & allowing authorized access only. • 2. Bank’s on line system should a level of encription appropriate to the type & extent of the risk.

  4. 2. System Integrity • 1. Accuracy, Reliability & Completeness of information Processed, Stored or Transmitted, between the Bank & its Customer. • 2. Bank should install Monitoring or Surveillance system that would alert to any erratic system activities or unusual online transactions.

  5. 3. System Availability • 1. High level of system availability is required for maintaining public confidence. 24x365 • 2. Adequte Capacity • 3. Reliable Performance • 4. Fast Responde Time • 5. Scaleability • 6. Recoverability Capability

  6. 4. Customer & Transaction Authenticity • 1. Cryptographic technologies should be used. • 2. a)User ID b)PINc)One-Time Password OTP d)Dynamis Access Code e)Digital Signature • 3. Customer Verification by a)what customer knows b)what customer has c)whatcutomer is given, one-time password d)who customer is Biometrics

  7. 5. Customer Protection • 1. Bank must ensure that the customer is properly identified & authenticated before access to customer information & allowing for transactions from accounts. • 2. Two-Factor Authentication technology should be used a) knowledge factor b) possession factor c) inherence factor

More Related