Casestudy Of Governance In The Financial Sector
VerifiedAdded on  2021/02/19
|21
|5669
|21
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
DEVELOP AN
INFORMATION
GOVERNANCE
POLICY FOR PFJ
BANK
INFORMATION
GOVERNANCE
POLICY FOR PFJ
BANK
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Table of Contents
EXECUTIVE SUMMARY.............................................................................................................3
Overview..........................................................................................................................................3
Purpose.............................................................................................................................................3
Scope................................................................................................................................................3
Information security: Confidentiality, Integrity, Availability................................................3
Information Governance in the financial sector.....................................................................4
Financial conduct authority: ..................................................................................................4
Prudential regulation authority: .............................................................................................4
Policy..............................................................................................................................................5
Cyber security: .......................................................................................................................5
Related Standards, Policy and Processes.........................................................................................6
Financial services and markets act, 2000: .............................................................................6
International organisation for standardization (ISO): ............................................................6
National institute for standard and technology: .....................................................................6
Control objectives for information and technology: .............................................................7
Critical analysis and suitability: ISO Framework............................................................................7
Risk Management Process and Threat Modelling...........................................................................9
Implementation Plan......................................................................................................................11
The Policy......................................................................................................................................12
Introduction..........................................................................................................................12
Purpose of the Policy............................................................................................................12
Organization Approach to Information Governance............................................................12
Procedures............................................................................................................................13
Controls and Staff Guidance................................................................................................14
Risk Management.................................................................................................................14
Responsibility and Accountabilities.....................................................................................15
Conclusion.....................................................................................................................................15
REFERENCES..............................................................................................................................17
EXECUTIVE SUMMARY.............................................................................................................3
Overview..........................................................................................................................................3
Purpose.............................................................................................................................................3
Scope................................................................................................................................................3
Information security: Confidentiality, Integrity, Availability................................................3
Information Governance in the financial sector.....................................................................4
Financial conduct authority: ..................................................................................................4
Prudential regulation authority: .............................................................................................4
Policy..............................................................................................................................................5
Cyber security: .......................................................................................................................5
Related Standards, Policy and Processes.........................................................................................6
Financial services and markets act, 2000: .............................................................................6
International organisation for standardization (ISO): ............................................................6
National institute for standard and technology: .....................................................................6
Control objectives for information and technology: .............................................................7
Critical analysis and suitability: ISO Framework............................................................................7
Risk Management Process and Threat Modelling...........................................................................9
Implementation Plan......................................................................................................................11
The Policy......................................................................................................................................12
Introduction..........................................................................................................................12
Purpose of the Policy............................................................................................................12
Organization Approach to Information Governance............................................................12
Procedures............................................................................................................................13
Controls and Staff Guidance................................................................................................14
Risk Management.................................................................................................................14
Responsibility and Accountabilities.....................................................................................15
Conclusion.....................................................................................................................................15
REFERENCES..............................................................................................................................17
EXECUTIVE SUMMARY
The following report focused on corporate governance policy of PFJ retail banks and their
operations. It also emphasised the importance of cyber security and the principles followed by it.
Various acts have also been included like financial services and markets act, 2000 and prudential
regulation authority act that regulates the working of financial companies, investment banks and
insurance companies. The main objective of these acts are to ensure stability in the financial
markets of United Kingdom. Also, various ISO acts have been mentioned and their importance
has been stated in regulating the framework of all the companies of small, large and medium
scale.
Overview
PFJ is an European retail bank that mainly deals with investment banking and
consultancy service (Cherupelly, 2016). Headquartered in United Kingdom, the bank has
established a brand image mainly because of its safety and protective measures regarding the
information of their clients.
Purpose
In this digital environment, it has become imperative for every organization to protect their data
and information therefore for this purpose various acts and standards have been set up by the
government of United Kingdom to ensure smooth working of the companies. Various cyber
security principles have been established that emphasize on protection of intellectual data of an
organization and make sure that there are no unauthorized access into the website or digital
accounts of the company. The current study will highlight on the information governance policy
of PFJ bank, their strategy and other cyber security principles to protect the privacy of
intellectual and digital data of clients and customers.
Scope
Information security: Confidentiality, Integrity, Availability
Information security is concerned with protection of computer data and information from
viruses and hacking. It maintains the confidentiality, integrity and availability of data through
encryption and by using other security measures. The information security is widely used in
banks, financial institutions and stock exchange in order to protect the authenticity of data. For
3
The following report focused on corporate governance policy of PFJ retail banks and their
operations. It also emphasised the importance of cyber security and the principles followed by it.
Various acts have also been included like financial services and markets act, 2000 and prudential
regulation authority act that regulates the working of financial companies, investment banks and
insurance companies. The main objective of these acts are to ensure stability in the financial
markets of United Kingdom. Also, various ISO acts have been mentioned and their importance
has been stated in regulating the framework of all the companies of small, large and medium
scale.
Overview
PFJ is an European retail bank that mainly deals with investment banking and
consultancy service (Cherupelly, 2016). Headquartered in United Kingdom, the bank has
established a brand image mainly because of its safety and protective measures regarding the
information of their clients.
Purpose
In this digital environment, it has become imperative for every organization to protect their data
and information therefore for this purpose various acts and standards have been set up by the
government of United Kingdom to ensure smooth working of the companies. Various cyber
security principles have been established that emphasize on protection of intellectual data of an
organization and make sure that there are no unauthorized access into the website or digital
accounts of the company. The current study will highlight on the information governance policy
of PFJ bank, their strategy and other cyber security principles to protect the privacy of
intellectual and digital data of clients and customers.
Scope
Information security: Confidentiality, Integrity, Availability
Information security is concerned with protection of computer data and information from
viruses and hacking. It maintains the confidentiality, integrity and availability of data through
encryption and by using other security measures. The information security is widely used in
banks, financial institutions and stock exchange in order to protect the authenticity of data. For
3
instance, it prevents modification and manipulation of messages before they reach the intended
recipient thus preserving the original information. PFJ bank uses digital signatures to improve
authenticity and prompts all the customers and staff members to prove their identity before they
are granted access to the confidential data. Thus, in this manner the privacy and confidentiality
of computer information is maintained.
Information Governance in the financial sector
Information governance is concerned with providing reliable data to a financial sector as it
would help them in making business decisions. It helps a business in identifying their goals and
objectives, role of employees in achieving it and their responsibilities as part of implementation
and integration of program. Information governance is widely used in the financial sector like
banks, accounting companies and consultancy firms (Bossong and Hegemann, 2016). PFJ banks
uses information governance to store, access and filter the data of its business clients which
further helps them in management of information systems. Information governance and cyber
security principles are an important aspect of every business. While information governance is
concerned with authenticity of data, cyber security principles focus on protection of the data.
Financial conduct authority:
The financial conduct authority is a financial regulatory body in the United Kingdom. It
is an autonomous body that regulates and controls the activities of financial companies and
ensure smooth working in the financial markets of the country. The major objectives of FCA
include protecting the rights of consumers, market integrity and promoting fair competition in
the financial market. The activities of PFJ banks are monitored and regulated by the FCA to
ensure that fair business activities are adopted by the banking company.
Prudential regulation authority:
The PRA is a successor of financial services authority (FSA) and its main objective is to
supervise the working of banks, financial institutions,, credit unions, investment firms and
insurance companies. The PRA supervises the financial companies on the basis of three factors
like
Judgement based approach: The judgement based approach states that whether the
financial companies are safe and sound which means that whether the organisations are
economically stable to provide facilities to the clients and policy holders.
4
recipient thus preserving the original information. PFJ bank uses digital signatures to improve
authenticity and prompts all the customers and staff members to prove their identity before they
are granted access to the confidential data. Thus, in this manner the privacy and confidentiality
of computer information is maintained.
Information Governance in the financial sector
Information governance is concerned with providing reliable data to a financial sector as it
would help them in making business decisions. It helps a business in identifying their goals and
objectives, role of employees in achieving it and their responsibilities as part of implementation
and integration of program. Information governance is widely used in the financial sector like
banks, accounting companies and consultancy firms (Bossong and Hegemann, 2016). PFJ banks
uses information governance to store, access and filter the data of its business clients which
further helps them in management of information systems. Information governance and cyber
security principles are an important aspect of every business. While information governance is
concerned with authenticity of data, cyber security principles focus on protection of the data.
Financial conduct authority:
The financial conduct authority is a financial regulatory body in the United Kingdom. It
is an autonomous body that regulates and controls the activities of financial companies and
ensure smooth working in the financial markets of the country. The major objectives of FCA
include protecting the rights of consumers, market integrity and promoting fair competition in
the financial market. The activities of PFJ banks are monitored and regulated by the FCA to
ensure that fair business activities are adopted by the banking company.
Prudential regulation authority:
The PRA is a successor of financial services authority (FSA) and its main objective is to
supervise the working of banks, financial institutions,, credit unions, investment firms and
insurance companies. The PRA supervises the financial companies on the basis of three factors
like
Judgement based approach: The judgement based approach states that whether the
financial companies are safe and sound which means that whether the organisations are
economically stable to provide facilities to the clients and policy holders.
4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Forward looking approach: It means that the PRA evaluates the PFJ retail bank not only
against the current risks but also against the potential future risks (Zhang, 2019).
Focused approach: The major focus of PRA is on the companies that possess a great risk
on the stability of the UK stock market and can affect the economy of the country.
Policy
Cyber security:
Cyber security refers to technology and software designed to protect the devices,
networks, information and data from damage and unauthorized access. Cyber security is
important in all the sectors related to finance, medical, defence and education. Principles and
practices of cyber security include
Advanced access management: The cyber security involves use of two factor authentication in
order to allow access to the accounts and websites. The two factor authentication involves a
combination of username-password with one time password (OTP) or SMS in order to verify the
system.
Data encryption: Data encryption is a widely used practice by cyber security and it involves
encoding of data and information which can only be decoded by the receiver of that information
or the concerned user. The PFJ bank and other financial companies widely use data encryption
service in order to prevent theft and breach of security.
5
Illustration 1: Cyber security technology
against the current risks but also against the potential future risks (Zhang, 2019).
Focused approach: The major focus of PRA is on the companies that possess a great risk
on the stability of the UK stock market and can affect the economy of the country.
Policy
Cyber security:
Cyber security refers to technology and software designed to protect the devices,
networks, information and data from damage and unauthorized access. Cyber security is
important in all the sectors related to finance, medical, defence and education. Principles and
practices of cyber security include
Advanced access management: The cyber security involves use of two factor authentication in
order to allow access to the accounts and websites. The two factor authentication involves a
combination of username-password with one time password (OTP) or SMS in order to verify the
system.
Data encryption: Data encryption is a widely used practice by cyber security and it involves
encoding of data and information which can only be decoded by the receiver of that information
or the concerned user. The PFJ bank and other financial companies widely use data encryption
service in order to prevent theft and breach of security.
5
Illustration 1: Cyber security technology
Related Standards, Policy and Processes.
Bank regulations are designed and framed by government which allows commercial banks like
PFJ to operate in a certain environment and follow some guidelines and rules and regulations. It
also creates transparency between banking institutions and the parties with whom the business is
conducted. Regulatory framework includes various frameworks and code of conduct in order to
clarify the gaps between actual and standardized working.
Financial services and markets act, 2000:
The financial services and markets act, 2000 created the FSA and it regulates and monitors the
financial firms, investment banks and insurance companies to ensure smooth working of the
businesses. The benefits of the act includes reduction in financial crimes by people, maintaining
the confidence and trust of general public in the financial market and also it promotes the
understanding of public in the financial system of the United Kingdom. On the other hand
TRIPUNOSKA (2019) argues that, the weakness includes slow investigation of the cases that
further leads to loss of funds for the general public and also it causes negative impact on
companies like the act restricts the flexibility of the organisations to operate freely and
sometimes intervention.
International organisation for standardization (ISO):
The ISO is an international body that provides documents which state that the products are fit to
use for the purpose specified. In the view point of Nielsen ( 2016), the ISO standards are
extremely beneficial not only for consumers but also for the businesses as it helps businesses in
increasing customer satisfaction by providing good quality products and services. As a result, it
improves brand image of the company and makes it easy for them to access new markets
whereas the Nedzel (2018), argues that ISO standards cannot be reliable because it is an
autonomous body and not government owned therefore it cannot be completely relied upon.
National institute for standard and technology:
The NIST is a non-regulatory body of the United States that focus on promoting innovation and
increasing the level of competition among various industries. The main objective of NIST is to
develop information security standards and guideline. Providing customized cyber security
services according to the needs and wants of company, managing the risks associated with the
security services and taking actions accordingly are some of the benefits of NIST.
6
Bank regulations are designed and framed by government which allows commercial banks like
PFJ to operate in a certain environment and follow some guidelines and rules and regulations. It
also creates transparency between banking institutions and the parties with whom the business is
conducted. Regulatory framework includes various frameworks and code of conduct in order to
clarify the gaps between actual and standardized working.
Financial services and markets act, 2000:
The financial services and markets act, 2000 created the FSA and it regulates and monitors the
financial firms, investment banks and insurance companies to ensure smooth working of the
businesses. The benefits of the act includes reduction in financial crimes by people, maintaining
the confidence and trust of general public in the financial market and also it promotes the
understanding of public in the financial system of the United Kingdom. On the other hand
TRIPUNOSKA (2019) argues that, the weakness includes slow investigation of the cases that
further leads to loss of funds for the general public and also it causes negative impact on
companies like the act restricts the flexibility of the organisations to operate freely and
sometimes intervention.
International organisation for standardization (ISO):
The ISO is an international body that provides documents which state that the products are fit to
use for the purpose specified. In the view point of Nielsen ( 2016), the ISO standards are
extremely beneficial not only for consumers but also for the businesses as it helps businesses in
increasing customer satisfaction by providing good quality products and services. As a result, it
improves brand image of the company and makes it easy for them to access new markets
whereas the Nedzel (2018), argues that ISO standards cannot be reliable because it is an
autonomous body and not government owned therefore it cannot be completely relied upon.
National institute for standard and technology:
The NIST is a non-regulatory body of the United States that focus on promoting innovation and
increasing the level of competition among various industries. The main objective of NIST is to
develop information security standards and guideline. Providing customized cyber security
services according to the needs and wants of company, managing the risks associated with the
security services and taking actions accordingly are some of the benefits of NIST.
6
Control objectives for information and technology:
The COBIT is a framework created by ISACA(Information systems audit and control
association) and its main objective is to meet the regulatory compliance of a business, its risk
management policies and merging the IT strategy with goals and objectives of organisation.
According to Mekonenn (2016), the COBIT is a potential for financial companies and
investment banks like PFJ as it uses technology in an efficient manner to promote excellence
and also minimizes the risk related to IT and software. On the other hand, the weakness of
COBIT involves that it requires time to implement and cannot achieve goals and objectives
within a short period of time.
Critical analysis and suitability: ISO Framework
ï‚· PFJ bank information governance policy: The governance policy of PFJ banks
includes protecting the interests of shareholder, investors, clients and other stakeholders
by complying with the code of conduct and all the rules and regulations of various acts
like Financial services and markets act, 2000 and Prudential regulation authority act.
ï‚· ISO 27000: The ISO 27000 of information security management standards is a
framework to provide best practices in the field of information technology. It has a broad
scope and the standards are applicable to all sizes of organisations. There are other
standards like ISO 27001 and 27002 in order to mention the changes in the field of
technology in different industries. In the view point of Gunay (2016), the PFJ bank
comply with all the statutory requirements and regulations of the ISO standards.
However, Cherupelly (2016) has stated that the financial banks and insurance companies
do not take ISO 27000 standards as they believe its is very costly to implement in the
business but they do not understand that the cost of implementing this approach is much
cheaper than the actual cost of dealing with the aftermath of such incidents like theft of
data, breaching of confidentiality, frauds and manipulation in accounts.
ï‚· ISO 30300/15489_Records Management: The ISO 15489 mainly emphasises on record
management and systematic control of the creation, receipt, maintenance, use and
disposition of records, including the processes for capturing and maintaining evidence
and other information related to business practices. It is a potential tool for banking
companies like PFJ bank as it provides them with complete information related to their
data and information so that it saves the time and cost of company.
7
The COBIT is a framework created by ISACA(Information systems audit and control
association) and its main objective is to meet the regulatory compliance of a business, its risk
management policies and merging the IT strategy with goals and objectives of organisation.
According to Mekonenn (2016), the COBIT is a potential for financial companies and
investment banks like PFJ as it uses technology in an efficient manner to promote excellence
and also minimizes the risk related to IT and software. On the other hand, the weakness of
COBIT involves that it requires time to implement and cannot achieve goals and objectives
within a short period of time.
Critical analysis and suitability: ISO Framework
ï‚· PFJ bank information governance policy: The governance policy of PFJ banks
includes protecting the interests of shareholder, investors, clients and other stakeholders
by complying with the code of conduct and all the rules and regulations of various acts
like Financial services and markets act, 2000 and Prudential regulation authority act.
ï‚· ISO 27000: The ISO 27000 of information security management standards is a
framework to provide best practices in the field of information technology. It has a broad
scope and the standards are applicable to all sizes of organisations. There are other
standards like ISO 27001 and 27002 in order to mention the changes in the field of
technology in different industries. In the view point of Gunay (2016), the PFJ bank
comply with all the statutory requirements and regulations of the ISO standards.
However, Cherupelly (2016) has stated that the financial banks and insurance companies
do not take ISO 27000 standards as they believe its is very costly to implement in the
business but they do not understand that the cost of implementing this approach is much
cheaper than the actual cost of dealing with the aftermath of such incidents like theft of
data, breaching of confidentiality, frauds and manipulation in accounts.
ï‚· ISO 30300/15489_Records Management: The ISO 15489 mainly emphasises on record
management and systematic control of the creation, receipt, maintenance, use and
disposition of records, including the processes for capturing and maintaining evidence
and other information related to business practices. It is a potential tool for banking
companies like PFJ bank as it provides them with complete information related to their
data and information so that it saves the time and cost of company.
7
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
ï‚· ISO 38500_corporate governance for IT: The ISO 38500 deals with governance of
management processes and decision related to company's information and
communication services. The main objective of ISO 38500 is to align IT governance with
corporate governance. According to the Bossong and Hegemann (2016), it provides legal
framework for effective governance of IT and guides PFJ bank to follow the legal,
regulatory and ethical duties as mentioned in the act in order to ensure the smooth
working of their business and to protect the interests of the stakeholders.
ï‚· ISO 31000_ Risk management: The ISO 31000 risk management provides guidelines
and frameworks to manage risk. It can be utilized by any company irrespective of its size,
shape and industry. In the view point of Ali and Kamal ( 2016), the ISO 31000 has
helped PFJ bank in identifying their strengths and weaknesses, opportunities and
potential threats. Also, the act provides various ways to minimize the risks for PFJ firm
and help them in achieving goals and objectives effectively and efficiently.
ï‚· ISO 22301/22313_Business continuity: ISO 22301 mainly focuses on certain standards
and security requirements that help in recovering the disasters and focus on business
continuity management systems. The standard's main focus is to recover a business
immediately from unfortunate incidents. Elements of business continuity are
Resilience: It is concerned with the ability of a business to incessantly adopt disruptions
while maintaining the business operations smoothly. For instance, cyber attacks, power shortage
and other fraudulent activities must be dealt with at the same time of managing the business.
Recovery: Recovery is concerned with backing up all the data and information that has
been lost during the incident. The main objective is to recover the data on the basis of priority
which means that important and essential data must be backed up in the beginning itself.
Contingency: Contingency is concerned with future uncertainties that can arise in the
business. The ISO 22301 maintains the guidelines to be followed by the business in case of any
uncertain events which further helps in reducing the overall burden on companies.
ï‚· ISO 27001 guarantee CIA: It is the best practice framework mainly recognized for
information security management system (ISMS). According to the Edwin and Timothy
(2016), this regulation is the most important for PFJ retail bank as it not only helps
technically but also provides business control and management procedures to evaluate the
8
management processes and decision related to company's information and
communication services. The main objective of ISO 38500 is to align IT governance with
corporate governance. According to the Bossong and Hegemann (2016), it provides legal
framework for effective governance of IT and guides PFJ bank to follow the legal,
regulatory and ethical duties as mentioned in the act in order to ensure the smooth
working of their business and to protect the interests of the stakeholders.
ï‚· ISO 31000_ Risk management: The ISO 31000 risk management provides guidelines
and frameworks to manage risk. It can be utilized by any company irrespective of its size,
shape and industry. In the view point of Ali and Kamal ( 2016), the ISO 31000 has
helped PFJ bank in identifying their strengths and weaknesses, opportunities and
potential threats. Also, the act provides various ways to minimize the risks for PFJ firm
and help them in achieving goals and objectives effectively and efficiently.
ï‚· ISO 22301/22313_Business continuity: ISO 22301 mainly focuses on certain standards
and security requirements that help in recovering the disasters and focus on business
continuity management systems. The standard's main focus is to recover a business
immediately from unfortunate incidents. Elements of business continuity are
Resilience: It is concerned with the ability of a business to incessantly adopt disruptions
while maintaining the business operations smoothly. For instance, cyber attacks, power shortage
and other fraudulent activities must be dealt with at the same time of managing the business.
Recovery: Recovery is concerned with backing up all the data and information that has
been lost during the incident. The main objective is to recover the data on the basis of priority
which means that important and essential data must be backed up in the beginning itself.
Contingency: Contingency is concerned with future uncertainties that can arise in the
business. The ISO 22301 maintains the guidelines to be followed by the business in case of any
uncertain events which further helps in reducing the overall burden on companies.
ï‚· ISO 27001 guarantee CIA: It is the best practice framework mainly recognized for
information security management system (ISMS). According to the Edwin and Timothy
(2016), this regulation is the most important for PFJ retail bank as it not only helps
technically but also provides business control and management procedures to evaluate the
8
risk assessment. ISO 27001 has helped PFJ company in planning, generated leadership
qualities within employees, provided support through resources and funds, informed
about risk assessment during operations, monitored the banking performance
continuously and helped in taking corrective actions accordingly.
Risk Management Process and Threat Modelling
Risk Management Process is basically implemented in the organization so that they can
pre-analyse the potential risks and formulate plans and strategies accordingly. Since PFJ bank
intends to provide security to its clients regarding the important papers and data that they might
store with the bank, they can manage the risk using three steps:-
Risk Assessment & Analysis:- Assessing risk involves analysis of the extent to which an
organization is exposed to risk and for PFJ, holding documents of significance importance on
behalf of their client, exposes them to a wide variety of risks associated.
Risk Evaluation:- The risks which have been identified are then categorized on the basis of
different criteria i.e. importance, legality, cost and benefits, system requirements etc. PFJ bank,
in the basis of the importance that a client holds has categorized the emphasis that they lay on
giving security to the documents of clients.
Risk Treatment:- In this last stage, the organization implements those policies which will help
them in minimizing the risks associated and PFJ bank intends to formulate a governance policy
that will help them in securing those documents.
Risk Assessment: Risk assessment is concerned with identification of potential hazards that
could affect the smooth working of an organization. Risk assessment uses various tools and
techniques to identify the threats and provide various measures to minimize their affect on the
working of the organisation.
9
qualities within employees, provided support through resources and funds, informed
about risk assessment during operations, monitored the banking performance
continuously and helped in taking corrective actions accordingly.
Risk Management Process and Threat Modelling
Risk Management Process is basically implemented in the organization so that they can
pre-analyse the potential risks and formulate plans and strategies accordingly. Since PFJ bank
intends to provide security to its clients regarding the important papers and data that they might
store with the bank, they can manage the risk using three steps:-
Risk Assessment & Analysis:- Assessing risk involves analysis of the extent to which an
organization is exposed to risk and for PFJ, holding documents of significance importance on
behalf of their client, exposes them to a wide variety of risks associated.
Risk Evaluation:- The risks which have been identified are then categorized on the basis of
different criteria i.e. importance, legality, cost and benefits, system requirements etc. PFJ bank,
in the basis of the importance that a client holds has categorized the emphasis that they lay on
giving security to the documents of clients.
Risk Treatment:- In this last stage, the organization implements those policies which will help
them in minimizing the risks associated and PFJ bank intends to formulate a governance policy
that will help them in securing those documents.
Risk Assessment: Risk assessment is concerned with identification of potential hazards that
could affect the smooth working of an organization. Risk assessment uses various tools and
techniques to identify the threats and provide various measures to minimize their affect on the
working of the organisation.
9
Threat Modelling is another process which assists the risk management process and
helps in identification of the potential threats from the external parties and then prioritize them.
PFJ bank also uses thread modelling in their software development life cycle to ensure that all
the software related applications are developed with built in security measures. Practically
applying threat model provides answers to various questions like who can attack your computer
system, from where they can attack and what measures to adopt in order to prevent these attacks.
Information security regulations have become more strict than ever and it has further
helped the PFJ bank in risk management by putting restriction on unauthorised entry into the
website which prevents the bank from potential threats. The European Union approved GDPR
(General data protection regulation) in order to protect the confidential data and financial
accounts of all the commercial banks which is a good news for PFJ banks because it also
operates in the Europe.
STRIDE Model can be used for the process of Threat Modelling:-
Spoofing:- It addresses the authenticity level of the user i.e. identifying if someone is claiming
someone else's identity.
10
Illustration 2: threat modelling approach
helps in identification of the potential threats from the external parties and then prioritize them.
PFJ bank also uses thread modelling in their software development life cycle to ensure that all
the software related applications are developed with built in security measures. Practically
applying threat model provides answers to various questions like who can attack your computer
system, from where they can attack and what measures to adopt in order to prevent these attacks.
Information security regulations have become more strict than ever and it has further
helped the PFJ bank in risk management by putting restriction on unauthorised entry into the
website which prevents the bank from potential threats. The European Union approved GDPR
(General data protection regulation) in order to protect the confidential data and financial
accounts of all the commercial banks which is a good news for PFJ banks because it also
operates in the Europe.
STRIDE Model can be used for the process of Threat Modelling:-
Spoofing:- It addresses the authenticity level of the user i.e. identifying if someone is claiming
someone else's identity.
10
Illustration 2: threat modelling approach
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Tampering:- This involves modification of the data when the exchange process takes place
between the user and the application.
Repudiation:- It signifies the extent up-to which the attacker can deny or repudiate the fact that
any action or event has been performed i.e. how well was the attacker able to clean up his
activities.
Information Disclosure:- This addresses the illegal breaches, leaking of confidential data and
gaining unauthorized access to data.
Denial of Service:- When a particular software is made unavailable or denied access to its
legitimate users, it is categorised under this.
Elevation of Privilege:- Unauthorized access to those software which are not available for
everyone and contain crucial information comes under this category.
PFJ bank can implement STRIDE model in the governance policy that they intend to
form as this will help them in identifying and removing those security gaps that might exist in
the system.
Implementation Plan
After successful design of the framework, it needs to be implemented through appropriate
steps and methodology which are sequentially followed so that the formulated plan can be
implemented correctly. This can be done through following sequence of steps:-
Strategy:- After distributing the roles to the employees and educating them about their roles and
responsibilities, the next step is to evaluate the strategy. In this step, before its implementation,
the strategy is once again studied and evaluated. It goes through various management levels so
that different individuals can study the plan and ensure that the strategy formulated for IT
governance is efficient and productive. This practice basically helps in formulating a strategy
which will fulfil the purpose and also take into account the ethical aspect of accountability i.e.
transparency so that no malpractices takes place.
Acquisition:- After a strategy is finalised, the personnel that needs to be hired is identified and
selected. However, at the time of appointment, it is not always necessary that the quality of
personnel required is available in the company. Further, apart from the personnel acquisition, the
management of PFJ bank should also focus on achievement of smaller aims and objectives (Ali,
Green and Robb, 2015).
11
between the user and the application.
Repudiation:- It signifies the extent up-to which the attacker can deny or repudiate the fact that
any action or event has been performed i.e. how well was the attacker able to clean up his
activities.
Information Disclosure:- This addresses the illegal breaches, leaking of confidential data and
gaining unauthorized access to data.
Denial of Service:- When a particular software is made unavailable or denied access to its
legitimate users, it is categorised under this.
Elevation of Privilege:- Unauthorized access to those software which are not available for
everyone and contain crucial information comes under this category.
PFJ bank can implement STRIDE model in the governance policy that they intend to
form as this will help them in identifying and removing those security gaps that might exist in
the system.
Implementation Plan
After successful design of the framework, it needs to be implemented through appropriate
steps and methodology which are sequentially followed so that the formulated plan can be
implemented correctly. This can be done through following sequence of steps:-
Strategy:- After distributing the roles to the employees and educating them about their roles and
responsibilities, the next step is to evaluate the strategy. In this step, before its implementation,
the strategy is once again studied and evaluated. It goes through various management levels so
that different individuals can study the plan and ensure that the strategy formulated for IT
governance is efficient and productive. This practice basically helps in formulating a strategy
which will fulfil the purpose and also take into account the ethical aspect of accountability i.e.
transparency so that no malpractices takes place.
Acquisition:- After a strategy is finalised, the personnel that needs to be hired is identified and
selected. However, at the time of appointment, it is not always necessary that the quality of
personnel required is available in the company. Further, apart from the personnel acquisition, the
management of PFJ bank should also focus on achievement of smaller aims and objectives (Ali,
Green and Robb, 2015).
11
Performance:- After it has been ensured that all the necessary staff is available with the bank
and they have been assigned their roles and duties in implementation of the plan, the
management evaluates the performance of the governance system as well as the employees.
Conformance:- Conformance is the last important aspect in implementation process where the
management ensures that the plan is being implemented in the method through which it was
formulated and further, it is also analysed that whether tasks which were assigned to the
employees are being fulfilled as per the roles and responsibilities.
Human Behaviour- Acceptable User Policy (AUP) document is used by PFJ bank which they
get filled by the employees. It sates the constraints and limitations within which the employees or
other users are allowed to operate (Gregory and et.al., 2018). This will increase the authenticity
of the governance system and limit its access.
The Policy
Introduction
PFJ bank has garnered the trust of its clients because of quality of services that they have
provided. However, over the time there is a large quantity of sensitive information which the
bank has accumulated. The management of bank needs to ensure that this information is
protected and there are no leaks or other unethical activities which might lead to questions on the
integrity on banks operations. The management can begin by analysing the risk associated with
formulation and implementation of such governance plan.
Purpose of the Policy
By developing an appropriate governance policy, the PFJ bank intends to widen the
loyalty of its customers and provide a security to the important papers containing sensitive
information that the clients get deposited with the bank.
Organization Approach to Information Governance
PFJ, in order to formulate healthy relationships, management and employees at their
personal level also need to ensure that ethics and morale act as the basis for foundation of such
human relations (Van Grembergen, and De Haes,2018).
Principle of Benevolence:- This principle states that as per the cyber ethics, one individual must
help out other individual when the need occurs. In this case, while forming partnerships, it is
essential that the professionals that are already employed in PFJ bank give the required
12
and they have been assigned their roles and duties in implementation of the plan, the
management evaluates the performance of the governance system as well as the employees.
Conformance:- Conformance is the last important aspect in implementation process where the
management ensures that the plan is being implemented in the method through which it was
formulated and further, it is also analysed that whether tasks which were assigned to the
employees are being fulfilled as per the roles and responsibilities.
Human Behaviour- Acceptable User Policy (AUP) document is used by PFJ bank which they
get filled by the employees. It sates the constraints and limitations within which the employees or
other users are allowed to operate (Gregory and et.al., 2018). This will increase the authenticity
of the governance system and limit its access.
The Policy
Introduction
PFJ bank has garnered the trust of its clients because of quality of services that they have
provided. However, over the time there is a large quantity of sensitive information which the
bank has accumulated. The management of bank needs to ensure that this information is
protected and there are no leaks or other unethical activities which might lead to questions on the
integrity on banks operations. The management can begin by analysing the risk associated with
formulation and implementation of such governance plan.
Purpose of the Policy
By developing an appropriate governance policy, the PFJ bank intends to widen the
loyalty of its customers and provide a security to the important papers containing sensitive
information that the clients get deposited with the bank.
Organization Approach to Information Governance
PFJ, in order to formulate healthy relationships, management and employees at their
personal level also need to ensure that ethics and morale act as the basis for foundation of such
human relations (Van Grembergen, and De Haes,2018).
Principle of Benevolence:- This principle states that as per the cyber ethics, one individual must
help out other individual when the need occurs. In this case, while forming partnerships, it is
essential that the professionals that are already employed in PFJ bank give the required
12
assistance to the external professionals since they are not familiar with the culture and practices
of the organization.
Principle of Honesty:- As the principle itself explains, it is crucial that both internal as well as
external professionals are truthful with each other sharing complete information rather than
hiding or distorting the facts. And PFJ bank has an extremely well established goodwill and
reputation amongst their clients which is the key asset for any bank (Madon and Krishna, 2018).
Principle of Harm:- Harm here does not refer to physical ill-treatment or abuse to employees.
Rather, in context of cyber-ethics, it means that ensuring that employees understand that they are
working collectively with each other. At PFJ bank, they intend to develop a governance system
and it is a very crucial part of the system since it will contain all the sensitive data of their
clients.
Principle of Paternalism:- Since both external and internal professionals are coming together for
the purpose of building up a software, all of them should distribute tasks between themselves
based on their capabilities and expertise.
Procedures
PFJ bank requires a governance system which will ensure safety of the important data and also
guard its privacy (Liu and Wang, 2016). For successful designing, the first step that PFJ bank
must follow is:-
ï‚· Designing the framework which involves basic policies and organizations structure and
in the present case, the aim is to formulate a governance policy and this requires change
in organization structure of PFJ bank since a separate IT department would be formulated
thus changing the hierarchy.
ï‚· After developing the framework, strategy is set i.e. how governance plan would be
formulated. At this stage, amongst all the existing frameworks i.e. COBIT etc. are
evaluated and then only the relevant strategies are selected to formulate appropriate
framework.
ï‚· After the strategy is formulated as per the requirement of bank, it is then implemented in
this stage, the managers obtain approval form the relevant government regarding ISO and
from BOD of the bank regarding implementation of policies (Rivard and Aubert, 2015).
This ensures that whatever strategies are implemented, they are done after the approval of
higher authority and within the prescribed guidelines.
13
of the organization.
Principle of Honesty:- As the principle itself explains, it is crucial that both internal as well as
external professionals are truthful with each other sharing complete information rather than
hiding or distorting the facts. And PFJ bank has an extremely well established goodwill and
reputation amongst their clients which is the key asset for any bank (Madon and Krishna, 2018).
Principle of Harm:- Harm here does not refer to physical ill-treatment or abuse to employees.
Rather, in context of cyber-ethics, it means that ensuring that employees understand that they are
working collectively with each other. At PFJ bank, they intend to develop a governance system
and it is a very crucial part of the system since it will contain all the sensitive data of their
clients.
Principle of Paternalism:- Since both external and internal professionals are coming together for
the purpose of building up a software, all of them should distribute tasks between themselves
based on their capabilities and expertise.
Procedures
PFJ bank requires a governance system which will ensure safety of the important data and also
guard its privacy (Liu and Wang, 2016). For successful designing, the first step that PFJ bank
must follow is:-
ï‚· Designing the framework which involves basic policies and organizations structure and
in the present case, the aim is to formulate a governance policy and this requires change
in organization structure of PFJ bank since a separate IT department would be formulated
thus changing the hierarchy.
ï‚· After developing the framework, strategy is set i.e. how governance plan would be
formulated. At this stage, amongst all the existing frameworks i.e. COBIT etc. are
evaluated and then only the relevant strategies are selected to formulate appropriate
framework.
ï‚· After the strategy is formulated as per the requirement of bank, it is then implemented in
this stage, the managers obtain approval form the relevant government regarding ISO and
from BOD of the bank regarding implementation of policies (Rivard and Aubert, 2015).
This ensures that whatever strategies are implemented, they are done after the approval of
higher authority and within the prescribed guidelines.
13
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
ï‚· Last stage i.e. monitoring and evaluation involves regularly monitoring that whether the
governance system that has been implemented is appropriate and it is regularly monitored
that whether all the regulations are complied with, the governance system is yielding the
desired results, etc. so that if any deviation occur, they can be immediately addressed and
the gap between the estimated output of the system and the actual output can be
minimized or bridged.
Controls and Staff Guidance
PFJ can implement a control framework i.e. plan-do-check-act framework through
which the management ensures that there is regular improvement in the current practices and
processes. Plan stage involves planning that how PFJ bank will implement a governance system;
do stage involves implementation of the plan formulated; Check stage involves evaluating the
plan that has been implemented and lastly act stage where the corrections that have been
identified are incorporated in the governance plan that is formulated so that it can be ensured that
plan is efficient. In order to successfully implement the plan, the management needs to
adequately train their staff and the key personnel who will be responsible for the implementation
of the plan. They need to ensure that the governance strategy is implemented in a fool proof
manner and appropriate measures have been taken (Rukanova and et.al., 2015). Further, it
should also be ensured that PFJ bank has not kept any loopholes which might give them or to
some other entity any unauthorized access to the information.
Risk Management
In order to analyse the risk, risk matrix needs to be implemented which will asses the
level of risks associated and also identify the severity of the consequences (Awais and Gill,
2016). These are then categorised into negligible, marginal, critical or catastrophic based on the
severity level. STRIDE Model which has also been implemented in the PFJ bank will help the
management in a systematic and regular examination of the security procedures and breaches so
that the security gaps if any can be addressed and unauthorised security breaches of the sensitive
and important information can be stopped. Further, the bank intends to implement risk
management process so that potential risks can be identified before hand and ultimately
minimized.
14
governance system that has been implemented is appropriate and it is regularly monitored
that whether all the regulations are complied with, the governance system is yielding the
desired results, etc. so that if any deviation occur, they can be immediately addressed and
the gap between the estimated output of the system and the actual output can be
minimized or bridged.
Controls and Staff Guidance
PFJ can implement a control framework i.e. plan-do-check-act framework through
which the management ensures that there is regular improvement in the current practices and
processes. Plan stage involves planning that how PFJ bank will implement a governance system;
do stage involves implementation of the plan formulated; Check stage involves evaluating the
plan that has been implemented and lastly act stage where the corrections that have been
identified are incorporated in the governance plan that is formulated so that it can be ensured that
plan is efficient. In order to successfully implement the plan, the management needs to
adequately train their staff and the key personnel who will be responsible for the implementation
of the plan. They need to ensure that the governance strategy is implemented in a fool proof
manner and appropriate measures have been taken (Rukanova and et.al., 2015). Further, it
should also be ensured that PFJ bank has not kept any loopholes which might give them or to
some other entity any unauthorized access to the information.
Risk Management
In order to analyse the risk, risk matrix needs to be implemented which will asses the
level of risks associated and also identify the severity of the consequences (Awais and Gill,
2016). These are then categorised into negligible, marginal, critical or catastrophic based on the
severity level. STRIDE Model which has also been implemented in the PFJ bank will help the
management in a systematic and regular examination of the security procedures and breaches so
that the security gaps if any can be addressed and unauthorised security breaches of the sensitive
and important information can be stopped. Further, the bank intends to implement risk
management process so that potential risks can be identified before hand and ultimately
minimized.
14
Responsibility and Accountabilities
After assessing the designing and implementation of the governance policy, there are
certain other factors that need to be evaluated and these are categorised in following manner:-
Legal and Regulatory Accountabilities :- Legal requirements involve identifying the sources
through which the relevant information is collected and used; enrolling in specific compliance
programmes, getting legal approvals for the decisions taken regarding the governance
programmes, Risks related to IT or technical implementation, impact on society and community
as a whole due to implementation of the governance systems (Merhout and Kovach, 2017).
Regulatory requirements on the other hand involve ensuring that the tools and techniques
imposed are within the regulatory framework, contractual processes and requirements are
fulfilled, evidence of compliance are properly complied, other transactions i.e. with suppliers and
dealers are authentic and can be properly verified etc. Collectively legal and regulatory
framework and its compliance ensures that the new governance system that the bank intends to
implement in their organization goes through without any hitch and company does not get
involved into any complications.
Organizational and Societal Responsibilites:- In order to ensure success of the governance
strategy that is intended to be applied, it must be ensured that all the formulated plans and
strategies for the system are as per the acceptable norms and scenario of the society (Cassidy,
2016). Already, the ISO compliance in itself is the best alliance towards ensuring that whatever
changes the company intends to implemented are for the benefit is not only organization but
whole society as well. While organization aspect will motivate management to generate larger
profits and revenue, societal aspect would keep a check on the aspect that they do the right and
acceptable thing and earn profits in a healthy manner.
Conclusion
From the above study, it can be concluded that PFJ bank is an European retail bank that
uses digital and information technology services in order to provide good quality services to their
clients and customers. Also, the report emphasised on various government bodies like financial
conduct authority (FCA) and prudential regulation authority (PDA) and their role in regulating
the working of financial companies and protecting the interest of customers and general public.
Moreover, it also highlighted the importance of International organisation for
standardization(ISO), it is an autonomous body that regulates the smooth working of the
15
After assessing the designing and implementation of the governance policy, there are
certain other factors that need to be evaluated and these are categorised in following manner:-
Legal and Regulatory Accountabilities :- Legal requirements involve identifying the sources
through which the relevant information is collected and used; enrolling in specific compliance
programmes, getting legal approvals for the decisions taken regarding the governance
programmes, Risks related to IT or technical implementation, impact on society and community
as a whole due to implementation of the governance systems (Merhout and Kovach, 2017).
Regulatory requirements on the other hand involve ensuring that the tools and techniques
imposed are within the regulatory framework, contractual processes and requirements are
fulfilled, evidence of compliance are properly complied, other transactions i.e. with suppliers and
dealers are authentic and can be properly verified etc. Collectively legal and regulatory
framework and its compliance ensures that the new governance system that the bank intends to
implement in their organization goes through without any hitch and company does not get
involved into any complications.
Organizational and Societal Responsibilites:- In order to ensure success of the governance
strategy that is intended to be applied, it must be ensured that all the formulated plans and
strategies for the system are as per the acceptable norms and scenario of the society (Cassidy,
2016). Already, the ISO compliance in itself is the best alliance towards ensuring that whatever
changes the company intends to implemented are for the benefit is not only organization but
whole society as well. While organization aspect will motivate management to generate larger
profits and revenue, societal aspect would keep a check on the aspect that they do the right and
acceptable thing and earn profits in a healthy manner.
Conclusion
From the above study, it can be concluded that PFJ bank is an European retail bank that
uses digital and information technology services in order to provide good quality services to their
clients and customers. Also, the report emphasised on various government bodies like financial
conduct authority (FCA) and prudential regulation authority (PDA) and their role in regulating
the working of financial companies and protecting the interest of customers and general public.
Moreover, it also highlighted the importance of International organisation for
standardization(ISO), it is an autonomous body that regulates the smooth working of the
15
companies irrespective of their size and industry they operate in. Various acts have been
established by ISO to ensure the fair working of companies which will provide benefits to the
organisations in the long run.
16
established by ISO to ensure the fair working of companies which will provide benefits to the
organisations in the long run.
16
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
REFERENCES
Books and Journals
Ali, A. and Kamal, Y., 2016. Corporate Goverance, corporate finance and firm performance: An
empirical study of 30 listed firm at karachi stock exchange Pakistan. Pakistan Journal
of Business and Policy Research, 4 (1). pp.1-19.
Ali, S., Green, P. and Robb, A., 2015. Information technology investment governance: What is
it and does it matter?. International Journal of Accounting Information Systems. 18.
pp.1-25.
Awais, M. and Gill, A., 2016. Enterprise IT Governance: Back to Basics.
Bossong, R. and Hegemann, H., 2016. EU internal security goverance and national risk
assessments: towards a common technocratic model?. European Politics and
Society, 17(2). pp.226-241.
Cassidy, A., 2016. A practical guide to information systems strategic planning. Auerbach
Publications.
Cherupelly, N.K., 2016. E-governance in India: Sociological perspective. Journal of Politics and
Governance, 5(3). pp.83-91.
Edwin, O.A. and Timothy, P., 2016. Corporate Goverance Attributes and Earnings Management:
A Study of Listed Companies in Nigeria. Journal of Policy and Development
Studies, 289(3784). pp.1-22.
Gregory, R. W. and et.al., 2018. IT Consumerization and the Transformation of IT
Governance. MIS Quarterly. 42(4). pp.1225-1253.
Gunay, G.Y., 2016. The Test of Corporate Governance System in the Electric Utilities
Industry. J. Mgmt. & Sustainability, 6, p.132
Liu, S. and Wang, L., 2016. Influence of managerial control on performance in medical
information system projects: the moderating role of organizational environment and
team risks. International Journal of Project Management. 34(1). pp.102-116.
Madon, S. and Krishna, S., 2018. The Digital Challenge: Information Technology in the
Development Context: Information Technology in the Development Context.
Routledge.
Mekonenn, T., 2016. Maturity of Information Technology Governance in the Financial Sector of
Ethiopia; a Comparative Study (Doctoral dissertation, Addis Ababa University).
17
Books and Journals
Ali, A. and Kamal, Y., 2016. Corporate Goverance, corporate finance and firm performance: An
empirical study of 30 listed firm at karachi stock exchange Pakistan. Pakistan Journal
of Business and Policy Research, 4 (1). pp.1-19.
Ali, S., Green, P. and Robb, A., 2015. Information technology investment governance: What is
it and does it matter?. International Journal of Accounting Information Systems. 18.
pp.1-25.
Awais, M. and Gill, A., 2016. Enterprise IT Governance: Back to Basics.
Bossong, R. and Hegemann, H., 2016. EU internal security goverance and national risk
assessments: towards a common technocratic model?. European Politics and
Society, 17(2). pp.226-241.
Cassidy, A., 2016. A practical guide to information systems strategic planning. Auerbach
Publications.
Cherupelly, N.K., 2016. E-governance in India: Sociological perspective. Journal of Politics and
Governance, 5(3). pp.83-91.
Edwin, O.A. and Timothy, P., 2016. Corporate Goverance Attributes and Earnings Management:
A Study of Listed Companies in Nigeria. Journal of Policy and Development
Studies, 289(3784). pp.1-22.
Gregory, R. W. and et.al., 2018. IT Consumerization and the Transformation of IT
Governance. MIS Quarterly. 42(4). pp.1225-1253.
Gunay, G.Y., 2016. The Test of Corporate Governance System in the Electric Utilities
Industry. J. Mgmt. & Sustainability, 6, p.132
Liu, S. and Wang, L., 2016. Influence of managerial control on performance in medical
information system projects: the moderating role of organizational environment and
team risks. International Journal of Project Management. 34(1). pp.102-116.
Madon, S. and Krishna, S., 2018. The Digital Challenge: Information Technology in the
Development Context: Information Technology in the Development Context.
Routledge.
Mekonenn, T., 2016. Maturity of Information Technology Governance in the Financial Sector of
Ethiopia; a Comparative Study (Doctoral dissertation, Addis Ababa University).
17
Merhout, J. and Kovach, M., 2017. Governance Practices over Agile Systems Development
Projects: A Research Agenda.
Nedzel, N.E., 2018. The Relationship Among the International Rule of Law, Spontaneous Order,
Nielsen, M.M., 2016, January. The role of governance, cooperation, and eservice use in current
Egovernment stage models. In 2016 49th Hawaii International Conference on System
Sciences (HICSS) (pp. 2850-2860). IEEE.
Rivard, S. and Aubert, B. A., 2015. Information technology outsourcing: An introduction.
In Information Technology Outsourcing (pp. 15-34). Routledge.
Rukanova, B. and et.al., 2015. Understanding transnational information systems with
supranational governance: A multi-level conflict management
perspective. Government information quarterly. 32(2). pp.182-197.
TRIPUNOSKA, M., 2019. CORPORATE GOVERNANCE, MODERN DEVELOPMENT
PROCESS OF THE ECONOMY IN THE 21ST CENTURY. Vizione. (32).
Van Grembergen, W. and De Haes, S., 2018. Introduction to the Minitrack on IT Governance
and its Mechanisms.
Zhang, X., 2019. Good Governance, Good Enough Governance and Governance with Rights
First (Doctoral dissertation, UCLA).
Online
A threat based approach to computational offloading for collaborative cruise control
[ONLINE]. Available through <https://www.researchgate.net/figure/Composite-threat-
modelling-approach-for-CCC_fig8_318129804>
Cyber security technology and its principles. [ONLINE]. Available through
<http://iskd.in/cyber-security-technology/>
18
Projects: A Research Agenda.
Nedzel, N.E., 2018. The Relationship Among the International Rule of Law, Spontaneous Order,
Nielsen, M.M., 2016, January. The role of governance, cooperation, and eservice use in current
Egovernment stage models. In 2016 49th Hawaii International Conference on System
Sciences (HICSS) (pp. 2850-2860). IEEE.
Rivard, S. and Aubert, B. A., 2015. Information technology outsourcing: An introduction.
In Information Technology Outsourcing (pp. 15-34). Routledge.
Rukanova, B. and et.al., 2015. Understanding transnational information systems with
supranational governance: A multi-level conflict management
perspective. Government information quarterly. 32(2). pp.182-197.
TRIPUNOSKA, M., 2019. CORPORATE GOVERNANCE, MODERN DEVELOPMENT
PROCESS OF THE ECONOMY IN THE 21ST CENTURY. Vizione. (32).
Van Grembergen, W. and De Haes, S., 2018. Introduction to the Minitrack on IT Governance
and its Mechanisms.
Zhang, X., 2019. Good Governance, Good Enough Governance and Governance with Rights
First (Doctoral dissertation, UCLA).
Online
A threat based approach to computational offloading for collaborative cruise control
[ONLINE]. Available through <https://www.researchgate.net/figure/Composite-threat-
modelling-approach-for-CCC_fig8_318129804>
Cyber security technology and its principles. [ONLINE]. Available through
<http://iskd.in/cyber-security-technology/>
18
19
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
20
21
1 out of 21
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.