Information System Risks That May Affect the Duration and/or Cost of the Project

Submitted by: Submitted by

Views: 261

Words: 815

Pages: 4

Category: Business and Industry

Date Submitted: 02/17/2014 09:47 PM

Report This Essay

Security risk

Internet is a public network of computers which facilitates flow of data / information and to which there is unrestricted access. It is, therefore, insecure and banks using this medium for financial transactions must have proper technology and systems in place to build a secured environment for such transactions.

Security risk arises on account of unauthorized access to a bank’s critical information stores like accounting system, risk management system, portfolio management system, etc. A breach of security could result in direct financial loss to the bank. For example, hackers operating via the Internet could access, retrieve and use confidential customer information and also can implant virus. This may result in loss of data, theft of or tampering with customer information, disabling of a significant portion of bank’s internal computer system thus denying service and cost of repairing these also increases.

In addition to external attack banks are exposed to security risk from internal sources e.g. employee fraud. Employees being familiar with different systems and their weaknesses become potential security threats in a loosely controlled environment. They can manage to acquire the authentication data in order to access the customer accounts. They possibly may draw funds directly from general bank account of use smart card number etc, causing losses to the bank.

Operational risk

Operational risk also referred to as transactional risk is the most common form of risk associated with online banking. It takes the form of inaccurate processing of transactions, non enforceability of contracts, compromises in data integrity, data privacy and confidentiality, unauthorized access / intrusion to bank’s systems and transactions etc. Such risks can arise out of weaknesses in design, implementation and monitoring of banks’ information system. Besides inadequacies in technology, human factors like negligence by customers and employees, fraudulent employee...