F银行信息系统运行风险控制问题研究

发布时间：2018-04-28 18:15

本文选题：商业银行 + 信息系统　；参考：《辽宁大学》2012年硕士论文

【摘要】：随着银行信息化的深入发展,银行几乎所有的业务都是通过计算机机系统来收集、加工和处理的。银行业务的发展对信息系统的依赖性越来越高,由于信息系统自身的信息技术风险特点及在对信息系统风险管理中存在的疏漏,往往会对信息系统安全、稳定和可靠运行产生威胁并有可能产生严重后果,近几年来一些金融机构发生的信息系统风险事件更进一步表明,保障银行信息系统安全运行的重要性,同时,这些风险事件也促使监管部门加大了对商业银行信息科技风险的监管力度。而F银行在十几年短暂、快速的信息化发展建设过程中,也面临和应对着各种各样的信息技术风险,如何控制、预防这些风险,保证信息系统安全、稳定、可靠的运行,是F银行实施IT战略过程所必须关注的重要问题。可以说,只要银行应用信息技术,依赖于信息系统,就存在信息技术风险,就会影响信息系统的运行安全,那么银行对信息系统的风险管理就是一件任重而道远的工程。本文就是在此内、外部背景下,对F银行信息系统运行阶段风险控制问题展开研究的。本文基于COSO内部控制理念框架、ITIL最佳实践、ISO27001信息安全、COBIT等国际标准与方法,结合银行业监管部门要求、制定的标准,分析F银行核心信息系统运行风险,找出运行阶段风险控制过程中存在管理缺陷和技术漏洞,制定适合实际系统运行环境与发展建设的风险控制对策,并在具体实施中对控制措施提供必要的保障。通过对信息系统运行风险控制问题的研究,可以进一步提高全体员工和管理者对信息系统风险防范认识,丰富和完善信息系统运行风险管理体系,同时通过局部的风险控制建设,促进全面的IT风险管理体系建设,为F银行信息系统安全、稳健、高效的运行搭建夯实的IT平台,最终实现企业IT战略实施与经营战略发展相适应与统一。
[Abstract]:With the development of bank informatization, almost all banking business is collected, processed and processed by computer system. The development of bank business is more and more dependent on information system. Because of the characteristics of information technology risk and the omissions in risk management of information system, it is often safe to information system. Stable and reliable operations pose a threat and can have serious consequences. The information system risk incidents that have occurred in some financial institutions in recent years have further demonstrated the importance of ensuring the safe operation of banking information systems, while, at the same time, These risks have also prompted regulators to step up the supervision of IT risks in commercial banks. In the course of the short and rapid development of information technology in more than ten years, Bank F is also facing and coping with various kinds of information technology risks. How to control and prevent these risks and ensure the safe, stable and reliable operation of information systems, It is an important issue that F Bank must pay attention to in the process of implementing IT strategy. It can be said that as long as banks apply information technology and rely on information systems, there will be information technology risks, which will affect the operation security of information systems. In this paper, the risk control of F bank information system is studied in this paper. Based on the framework of COSO internal control concept and international standards and methods such as ISO27001 information security and COBIT, this paper analyzes the operational risk of core information system of F bank in accordance with the requirements of banking supervision department. This paper finds out the management defects and technical loopholes in the process of risk control in the operation stage, and formulates the risk control countermeasures suitable for the operation environment and development construction of the actual system, and provides the necessary guarantee for the control measures in the concrete implementation. Through the research on risk control of information system operation, we can further improve the understanding of risk prevention of information system, enrich and perfect the risk management system of information system operation. At the same time, through the construction of local risk control, we can promote the construction of comprehensive IT risk management system, and build a solid IT platform for the safe, stable and efficient operation of F bank information system. Finally realize the enterprise IT strategy implementation and management strategy development adapts and unifies.
【学位授予单位】：辽宁大学
【学位级别】：硕士
【学位授予年份】：2012
【分类号】：F832.2

【参考文献】