In recent years, in financial institutions, but also others, more and more funds are spent on building information security systems and improving IT risk management processes and information transfer on the Internet. In banks, improvement of IT systems risk management and information transfer processes on the Internet is treated as just as important as the management of classic banking and financial risk categories, such as credit risk management.
Do you agree with my opinion on this matter?
In view of the above, I am asking you the following question:
Has the importance of improving IT risk management processes and information transfer on the internet been growing in recent years?
Please reply
I invite you to the discussion
Thank you very much
Best wishes
In my view, it definitely has. Among others, financial industry is increasingly based on efficient data storage, processing and exchange. Web based applications, cloud solutions and data analytics are widely used, but they come along with specific vulnerability. The awareness given to IT risks is reflected in an increasing number of insurance solutions against such risks.
Formally, the European regulation on data privacy force all sorts of enterprises, both public and private, to intensify risk management efforts.
That question needs to be split into at least two subquestions:
I can only respond on the first item where we have seen developments such as the following:
- the ongoing development of ISACA's COBIT framwork (Control Objectives for Information and Related Technologies) which can be accessed here http://www.isaca.org/cobit/pages/default.aspx
- increase in consulting services around cybersecurity for example https://www.nccgroup.trust/uk/
- increase in insurance products specialized to these kinds of risks for example https://www.beazley.com/united_kingdom/cyber_and_tech.html
If the above considerations are ABSENT from an organisation's risk management framework then that could represent an unmanaged risk. That would still be the case whether the organisation is a bank, company, government entity or not-for-profit entity. I.e. these risks apply universally unless proved otherwise. I cannot think of too many exceptions to these kinds of risks other than old aged pensioners in palliative care.
Hopefully there are a few useful pointers to additional information sources in the above, even if it was only related to the first part of your question.
Dear Friends and Colleagues of RG, I suggest the following questions: How should the IT systems risk management processes and the security of data transfer on the Internet be improved?
How should the IT systems risk management processes and the security of data transfer on the Internet be improved? Should the processes of improving the risk management of information systems and the security of data transfer on the Internet work in the form of "extinguishing fires" or rather the concept of creating preventive additional security, design and implementation of emergency emergency systems, organizing permanent training for the whole staff, conducting stress tests and conducting research aimed at overtaking potential threats resulting from hackers and cybercriminals?
Please reply
I invite you to the discussion
Thank you very much
Best wishes
The fact that the improvement of IT risk management processes and the transfer of information on the Internet has gained in importance in recent years can already be attributed to the legal framework conditions. The fact that information security risks are to be managed results from the GDPR for the EU and actors who want to do business in the EU. In Germany the legal requirements for operators of critical infrastructures (energy, supply, medicine, finances etc.) as well as regulations of individual supervisory authorities are added. This often includes the use of standards (above all ISO/IEC 27001 or BSI standards). Without the establishment of risk/compliance/safety management systems, (larger) companies can no longer act compliantly today. And this means that companies have to take exactly the structured measures described by you. In addition, I believe that IT risk control measures must be combined with appropriate monitoring measures. The adequacy and effectiveness of these monitoring measures is then again subject to an assessment by Internal Audit.
What are the main determinants and risk factors that should be used to build a cyber crime risk management system, including the risk of data loss in information systems connected to the Internet, the risk of data transfer on the Internet, etc.? What key types of risk, potential threat factors etc. should be built into an integrated, comprehensive risk management system of information systems of business entities and / or financial institutions, public institutions, etc.?
Please reply,
What is your opinion on this topic?
I am asking for an answer and invite you to a discussion,
Thank you very much and best regards,
Dariusz Prokopowicz
Dear Thomas Neusius, Christopher C Kelly, Emmanuel V Murray, Michael Klotz, Mohammed Ali Bait Ali Sulaiman, Thank you very much for participating in this discussion and providing inspiring and informative responses. Your statements confirm that the above-mentioned issues are current and developing. I also believe the importance of improving IT risk management processes and information transfer on the internet been growing in recent years. In connection with the development of electronic internet banking, the importance of improving the process of managing the risk of cybercrime and loss of data transferred via the Internet will also increase in the coming years.
Thank you very much and best regards, Best wishes,
Have a nice day,
Dariusz Prokopowicz
Yes... … Information technology risk management is completely technology-oriented and deals with software, hardware, information and data, but dealing with people is not necessarily completely technical … Samimi, A. (2020). Risk Management in Information Technology. Progress in Chemical and Biochemical Research, 130-134.
social commerce information sharing, and perceived privacy risk on the rise … Bugshan, H., & Attar, R. W. (2020). Social commerce information sharing and their impact on consumers. Technological Forecasting and Social Change, 153, 119875.
- Badges
- Science topic
- Similar topics
- Computer Science
- Computer Communications (Networks)
- Internet