ZJ银行信息安全风险管理策略研究

发布时间：2018-06-24 06:28

本文选题：商业银行 + 信息安全　；参考：《大连理工大学》2012年硕士论文

【摘要】：高速发展的信息技术在银行业的应用越来越广,特别是已经成为新生现代城市商业银行全方位业务运营的基础平台及金融科技创新的重要手段。信息技术的地位己从核心业务的后台支持逐步与业务有机融合,成为商业银行平稳运营和健壮发展的支柱,并上升到企业经营战略的高度。与此同时,商业银行也越来越重视信息技术的运用,其安全性、有效性及可靠性对银行整体发展有直接影响,甚至影响到国家金融系统的稳定。 zJ银行是一家近年来发展迅速的城市商业银行,其信息系统安全风险管理还处于探索建设阶段,尽管已采取一些信息安全技术及标准,但和大多数的城商行一样,ZJ银行也面临着如何有效将风险管理的理论和方法结合,实现决策性策略实施的非技术性课题。这成为ZJ银行信息安全领域日益凸显、亟待解决的问题。本文通过学习信息安全风险管理相关理论,研究国内外先进的信息安全管理标准、规范及相关制度和我国银监会在银行业信息安全管理方面的规定及实践。结合ZJ银行目前的信息安全管理现状进行了较全面的风险评估,指出ZJ银行在组织、技术等五方面面临的不同程度的风险。基于风险分析结果,借鉴业界最佳实践,制定了ZJ银行信息安全风险管理的目标和指导思想,并针对性的提出适合有效的信息安全风险管理“减少风险”的总体最佳策略,确定信息安全管理措施,有效减少信息安全风险,为银行的整体发展消除负面影响和损失。策略集信息安全管理的战略、政策标准、相关组织与人员、运作、技术五方面于一体。文中对策略的各方面进行了分析,希望能够为ZJ银行提高信息安全风险管理能力提供一定的理论指导,确保全行在关键的基础设施建设中信息系统的健康运行,保证经营业务持续高效运行,对增强ZJ银行行业竞争力具有重要的战略意义和现实意义。
[Abstract]:The rapid development of information technology is more and more widely used in the banking industry, especially it has become the basic platform for the comprehensive business operation of the new-born modern city commercial banks and an important means for the innovation of financial science and technology. The status of information technology has gradually integrated with the business from the backstage support of the core business, and has become the pillar of the smooth operation and robust development of commercial banks, and has risen to the height of business strategy. At the same time, commercial banks pay more and more attention to the application of information technology. Their security, effectiveness and reliability have a direct impact on the overall development of banks. It even affects the stability of the national financial system.ZJ Bank is a rapidly developing city commercial bank in recent years, and its information system security risk management is still in the stage of exploration and construction. Although some information security technologies and standards have been adopted, like most city commercial banks, ZJ Bank is faced with the non-technical problem of how to effectively combine the theory and method of risk management to realize the implementation of decision making strategy. This becomes ZJ bank information security field day by day prominent, the problem that urgently needs to be solved. By studying the relevant theories of information security risk management, this paper studies the advanced information security management standards, norms and related systems at home and abroad, as well as the regulations and practices of China Banking Regulatory Commission in the field of banking information security management. Combined with the current situation of information security management of ZJ Bank, this paper makes a comprehensive risk assessment, and points out that ZJ Bank faces different degrees of risk in five aspects, such as organization and technology. Based on the results of risk analysis and drawing lessons from the best practice of the industry, this paper formulates the objectives and guidelines of information security risk management of ZJ Bank, and puts forward the overall best strategy for effective information security risk management "risk reduction". To determine the information security management measures, effectively reduce the risk of information security, for the overall development of the bank to eliminate the negative impact and loss. Strategies are integrated into information security management strategies, policy standards, related organizations and personnel, operations, and technology. This paper analyzes the various aspects of the strategy, hoping to provide some theoretical guidance for ZJ Bank to improve the ability of information security risk management, to ensure the healthy operation of the information system in the key infrastructure construction. It is of great strategic and practical significance to ensure the continuous and efficient operation of the business to enhance the competitiveness of the ZJ banking industry.
【学位授予单位】：大连理工大学
【学位级别】：硕士
【学位授予年份】：2012
【分类号】：F832.33

【参考文献】