本文選題：商業(yè)銀行 + 信息系統(tǒng)��； 參考：《遼寧大學(xué)》2012年碩士論文

【摘要】：隨著銀行信息化的深入發(fā)展,銀行幾乎所有的業(yè)務(wù)都是通過計(jì)算機(jī)機(jī)系統(tǒng)來收集、加工和處理的。銀行業(yè)務(wù)的發(fā)展對(duì)信息系統(tǒng)的依賴性越來越高,由于信息系統(tǒng)自身的信息技術(shù)風(fēng)險(xiǎn)特點(diǎn)及在對(duì)信息系統(tǒng)風(fēng)險(xiǎn)管理中存在的疏漏,往往會(huì)對(duì)信息系統(tǒng)安全、穩(wěn)定和可靠運(yùn)行產(chǎn)生威脅并有可能產(chǎn)生嚴(yán)重后果,近幾年來一些金融機(jī)構(gòu)發(fā)生的信息系統(tǒng)風(fēng)險(xiǎn)事件更進(jìn)一步表明,保障銀行信息系統(tǒng)安全運(yùn)行的重要性,同時(shí),這些風(fēng)險(xiǎn)事件也促使監(jiān)管部門加大了對(duì)商業(yè)銀行信息科技風(fēng)險(xiǎn)的監(jiān)管力度。而F銀行在十幾年短暫、快速的信息化發(fā)展建設(shè)過程中,也面臨和應(yīng)對(duì)著各種各樣的信息技術(shù)風(fēng)險(xiǎn),如何控制、預(yù)防這些風(fēng)險(xiǎn),保證信息系統(tǒng)安全、穩(wěn)定、可靠的運(yùn)行,是F銀行實(shí)施IT戰(zhàn)略過程所必須關(guān)注的重要問題�？梢哉f,只要銀行應(yīng)用信息技術(shù),依賴于信息系統(tǒng),就存在信息技術(shù)風(fēng)險(xiǎn),就會(huì)影響信息系統(tǒng)的運(yùn)行安全,那么銀行對(duì)信息系統(tǒng)的風(fēng)險(xiǎn)管理就是一件任重而道遠(yuǎn)的工程。 本文就是在此內(nèi)、外部背景下,對(duì)F銀行信息系統(tǒng)運(yùn)行階段風(fēng)險(xiǎn)控制問題展開研究的。本文基于COSO內(nèi)部控制理念框架、ITIL最佳實(shí)踐、ISO27001信息安全、COBIT等國際標(biāo)準(zhǔn)與方法,結(jié)合銀行業(yè)監(jiān)管部門要求、制定的標(biāo)準(zhǔn),分析F銀行核心信息系統(tǒng)運(yùn)行風(fēng)險(xiǎn),找出運(yùn)行階段風(fēng)險(xiǎn)控制過程中存在管理缺陷和技術(shù)漏洞,制定適合實(shí)際系統(tǒng)運(yùn)行環(huán)境與發(fā)展建設(shè)的風(fēng)險(xiǎn)控制對(duì)策,并在具體實(shí)施中對(duì)控制措施提供必要的保障。 通過對(duì)信息系統(tǒng)運(yùn)行風(fēng)險(xiǎn)控制問題的研究,可以進(jìn)一步提高全體員工和管理者對(duì)信息系統(tǒng)風(fēng)險(xiǎn)防范認(rèn)識(shí),豐富和完善信息系統(tǒng)運(yùn)行風(fēng)險(xiǎn)管理體系,同時(shí)通過局部的風(fēng)險(xiǎn)控制建設(shè),促進(jìn)全面的IT風(fēng)險(xiǎn)管理體系建設(shè),為F銀行信息系統(tǒng)安全、穩(wěn)健、高效的運(yùn)行搭建夯實(shí)的IT平臺(tái),最終實(shí)現(xiàn)企業(yè)IT戰(zhàn)略實(shí)施與經(jīng)營(yíng)戰(zhàn)略發(fā)展相適應(yīng)與統(tǒng)一。
[Abstract]:With the development of bank informatization, almost all banking business is collected, processed and processed by computer system. The development of bank business is more and more dependent on information system. Because of the characteristics of information technology risk and the omissions in risk management of information system, it is often safe to information system. Stable and reliable operations pose a threat and can have serious consequences. The information system risk incidents that have occurred in some financial institutions in recent years have further demonstrated the importance of ensuring the safe operation of banking information systems, while, at the same time, These risks have also prompted regulators to step up the supervision of IT risks in commercial banks. In the course of the short and rapid development of information technology in more than ten years, Bank F is also facing and coping with various kinds of information technology risks. How to control and prevent these risks and ensure the safe, stable and reliable operation of information systems, It is an important issue that F Bank must pay attention to in the process of implementing IT strategy. It can be said that as long as banks apply information technology and rely on information systems, there will be information technology risks, which will affect the operation security of information systems. In this paper, the risk control of F bank information system is studied in this paper. Based on the framework of COSO internal control concept and international standards and methods such as ISO27001 information security and COBIT, this paper analyzes the operational risk of core information system of F bank in accordance with the requirements of banking supervision department. This paper finds out the management defects and technical loopholes in the process of risk control in the operation stage, and formulates the risk control countermeasures suitable for the operation environment and development construction of the actual system, and provides the necessary guarantee for the control measures in the concrete implementation. Through the research on risk control of information system operation, we can further improve the understanding of risk prevention of information system, enrich and perfect the risk management system of information system operation. At the same time, through the construction of local risk control, we can promote the construction of comprehensive IT risk management system, and build a solid IT platform for the safe, stable and efficient operation of F bank information system. Finally realize the enterprise IT strategy implementation and management strategy development adapts and unifies.
【學(xué)位授予單位】：遼寧大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2012
【分類號(hào)】：F832.2

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 何茂春;;商業(yè)銀行信息科技風(fēng)險(xiǎn)的量化計(jì)量研究[J];金融論壇;2009年02期

2 王棟;來風(fēng)剛;李靜;;數(shù)據(jù)中心IT運(yùn)維審計(jì)體系研究[J];電力信息化;2012年01期

3 葉貴添;;商業(yè)銀行信息科技風(fēng)險(xiǎn)分析及管理策略[J];硅谷;2010年08期

4 于海霞;;我國IT審計(jì)面對(duì)的挑戰(zhàn)[J];中國管理信息化;2011年11期

5 王蘭征;;銀行業(yè)IT運(yùn)維現(xiàn)狀及風(fēng)險(xiǎn)成因分析[J];華章;2012年09期

6 駱寧;;銀行業(yè)信息技術(shù)風(fēng)險(xiǎn)管理中存在的問題及建議[J];華南金融電腦;2009年02期

7 任莉;;我國銀行信息化風(fēng)險(xiǎn)及防范對(duì)策研究[J];經(jīng)濟(jì)論壇;2009年12期

8 龔偉華;;IT運(yùn)維亟待管理流程化[J];金融電子化;2009年02期

9 翟海濤;;對(duì)我國中小城市商業(yè)銀行信息系統(tǒng)建設(shè)的思考[J];金融科技時(shí)代;2011年08期

10 ;建設(shè)銀行IT審計(jì)實(shí)施策略[J];金融電子化;2010年08期

，

本文編號(hào)：1816344