Risk Management in Electronic Banking: Concepts and Best Practices

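Category: Books, Imported Original Editions, Business & Investing
Author: Jayaram Kondabagil
Publisher: Oversea Publishing House
Publication date: 2007-10-1
Word count:
Edition: 1
Pages: 259
Printing date: 2007/10/01
Format: 16mo
Impression: 1
Paper: Offset paper
ISBN: 9780470822432
Binding: Paperback
Description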
"Risk Management in Electronic Banking is a comprehensive study of the concepts and best practices in electronic banking. It fills a badly needed global requirement for not only bankers but all users of electronic banking. The book gives an excellent review of the wide scope of electronic banking on traditional banking and business methods. It then delves into the risks inherent in e-banking including strategic, operational, compliance, reputational and others... Jayaram Kondabagil has produced an excellent work which will be the key reference for anyone involved in electronic banking."
-- Mark Mobius, Managing Director, Templeton Asset Management Ltd
"Risk Management in Electronic Banking is written in a simple and easy to understand style and it provides a broad overview of electronic banking. It also highlights the importance of risk management and addresses a gap in extant literature on the subject. Aimed at a global audience, the consolidated checklist at the end of the book is useful and a notable feature is that it also includes outsourcing risks, which though of recent origin has already made a big impact in financial services sector. This topical book will be a useful read for senior management executives."
-- Professor R. Vaidyanathan, Finance & Control, UTI Chair Professor & Chairperson, Centre for Capital Market and Risk Management, Indian Institute of Management
About the Author
Jayaram Kondabagil is a management consultant based in Bangalore, India, with more than three decades of professional experience. His specialization includes risk management, information assurance, security management, business continuity planning and banking technology.
He has held positions in two major Indian banks for over 20 years in various capacities. He had a varied exposure during this tenure including retail and corporate banking, managing the development of banking applications, facilitating and conducting training and seminars, software quality assurance and system audit.
He then moved over to a company which provides technology and consultancy services to the banking sector, where he was vice-president for five years. He started his independent consultancy practice in 2002.
Table of Contents
List of Figures
List of Tables
Preface
Acknowledgments
Foreword
PART I: INTRODUCTION TO E-BANKING
Chapter 1 E-Banking Basics
Evolution of e-banking
Impact on traditional banking
E-banking components
Regulatory approval
Chapter 2 E-Banking Risks
Strategic risk
Operational risk
Compliance risk
Reputational risk
Other risks
Risk management challenges
The five-pillar approach
Chapter 3 Product and Service-specific Risks
Internet banking
Aggregation services
Bill presentment and payment
Mobile banking
Weblinking
Electronic money
Cross-border transactions
New products and services
PART II: RISK MANAGEMENT
Chapter 4 Risk Management Framework
Policies and procedures
Risk management process
Operational risk management
Governance and internal controls
Chapter 5 Risk Management Organization
Organization structure
Board and senior management
Executive risk committee
IT management
Internal and external audit
Chapter 6 International Standards
Basel Committee on banking supervision
COBIT 4.0
ISO 17799
OCTAVE
COSO – enterprise risk management
PCI data security standard
Financial Action Task Force
Corporate governance codes
Regulatory guidelines
PART III: INFORMATION SECURITY
Chapter 7 Information Security Management
Security objectives
Security controls
Security risk assessment
Classification of controls
Monitoring and testing
Incident response plan
Chapter 8 Operational Controls
Personnel issues
Segregation of duties
Technical issues
Database management
Change management
Backups and off-site storage
Insurance
Fraud management
Chapter 9 Technical Controls
Logical access controls
Identification and authentication
Authentication methods
Audit trails
Network security
Firewalls
Malicious code
Information security incidents
PART IV: OUTSOURCING
Chapter 10 Outsourcing in E-Banking
Types of outsourcing
Material outsourcing
Supervisory approach
Key risks of outsourcing
Board and senior management responsibility
Outsourcing policy
Chapter 11 Managing Outsourced Services
Outsourcing decisions
Risk assessment and control
Service provider due diligence
Offshoring
Contingency plans
Customer service
Monitoring and audit
Chapter 12 Outsourcing Contracts
Contractual provisions
Right of access clauses
Termination clause
Offshoring contracts
Confidentiality and security clauses
Business continuity clauses
PART V: BUSINESS CONTINUITY
Chapter 13 Business Continuity Management
The main drivers
Board and senior management responsibility
Components of BCM
Business impact analysis
BIA methodologies
Recovery strategy
Chapter 14 Business Continuity Plan
Major components of BCP
Continuity management team
Recovery procedures
Resource requirements
External communications
Plan maintenance
Awareness and training
Testing of BCP
Testing methods
Chapter 15 Data Centers and Alternate Sites
Evolution of data centers
Location of the sites
Mitigating concentration risk
Data center design
Logistics management
Maintenance procedures
Alternate site models
External support
Business continuity in real life
PART VI: LEGAL AND REGULATORY COMPLIANCE
Chapter 16 Compliance Function
Organization of the compliance function
Board and senior management responsibility
Role of regulators
Chapter 17 Major Compliance Issues
Anti-money laundering
Know your customer (KYC)
Suspicious activities
Privacy of customer information
Information disclosures
Customer education
High-level review checklist
Acronyms
Glossary
References
Index