Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technology Security Risk Management. Technology Security Risks 1. Data Confidentiality risk 2. System Integrity risk 3. System Availability risk 4. Customer.

Published byAgnes Stokes Modified over 9 years ago

Similar presentations

Presentation on theme: "Technology Security Risk Management. Technology Security Risks 1. Data Confidentiality risk 2. System Integrity risk 3. System Availability risk 4. Customer."— Presentation transcript:

1 Technology Security Risk Management

2 Technology Security Risks 1. Data Confidentiality risk 2. System Integrity risk 3. System Availability risk 4. Customer & Transaction Authenticity risk 5. Customer Protection risk

3 1. Data Confidentiality 1. Protection of sensitive information from unauthorized eyes & allowing authorized access only. 2. Bank’s on line system should a level of encription appropriate to the type & extent of the risk.

4 2. System Integrity 1. Accuracy, Reliability & Completeness of information Processed, Stored or Transmitted, between the Bank & its Customer. 2. Bank should install Monitoring or Surveillance system that would alert to any erratic system activities or unusual online transactions.

5 3. System Availability 1. High level of system availability is required for maintaining public confidence. 24x365 2. Adequte Capacity 3. Reliable Performance 4. Fast Responde Time 5. Scaleability 6. Recoverability Capability

6 4. Customer & Transaction Authenticity 1. Cryptographic technologies should be used. 2. a)User ID b)PIN c)One-Time Password OTP d)Dynamis Access Code e)Digital Signature 3. Customer Verification by a)what customer knows b)what customer has c)what cutomer is given, one-time password d)who customer is Biometrics

7 5. Customer Protection 1. Bank must ensure that the customer is properly identified & authenticated before access to customer information & allowing for transactions from accounts. 2. Two-Factor Authentication technology should be used a) knowledge factor b) possession factor c) inherence factor

Download ppt "Technology Security Risk Management. Technology Security Risks 1. Data Confidentiality risk 2. System Integrity risk 3. System Availability risk 4. Customer."

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Consumer Authentication in e-Banking & Part 748 – Appendix B Response Program Catherine Yao Information Systems Officer NCUA.

Consumer Authentication in e-Banking & Part 748 – Appendix B Response Program Catherine Yao Information Systems Officer NCUA.
9 - 1 Computer-Based Information Systems Control.

9 - 1 Computer-Based Information Systems Control.
Debit Card Plastic card that looks like a credit card

Debit Card Plastic card that looks like a credit card
The Islamic University of Gaza

The Islamic University of Gaza
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
EUropean Best Information through Regional Outcomes in Diabetes Privacy and Disease Registries Technical Aspects Peter Beck JOANNEUM RESEARCH, Austria.

EUropean Best Information through Regional Outcomes in Diabetes Privacy and Disease Registries Technical Aspects Peter Beck JOANNEUM RESEARCH, Austria.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Risk Management. Risk Categories Strategic Credit Market Liquidity Operational Compliance/legal/regulatory Reputation.

Risk Management. Risk Categories Strategic Credit Market Liquidity Operational Compliance/legal/regulatory Reputation.
What does it mean for you?.  The protection of private, identifying information.  If information is accorded a confidential status, that status mandates.

What does it mean for you?.  The protection of private, identifying information.  If information is accorded a confidential status, that status mandates.
Introduction to PCI DSS

Introduction to PCI DSS
The Office of Information Technology Two-Factor Authentication.

The Office of Information Technology Two-Factor Authentication.
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 5: Security Controls.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.

E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
RIVERA SÁNCHEZ-1 CSE 5810 User Authentication in Mobile Healthcare Applications Yaira K. Rivera Sánchez Computer Science & Engineering Department University.

RIVERA SÁNCHEZ-1 CSE 5810 User Authentication in Mobile Healthcare Applications Yaira K. Rivera Sánchez Computer Science & Engineering Department University.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Similar presentations

Ads by Google