ITC596 Report on Risk Management Assessment

Added on 2020-04-07

21 Pages5654 Words86 Views

ITC596 RISK MANAGEMENT ASSESSMENTNAMESTUDENT IDSUBJECTTOPICDATE1

PROJECT TO ALLOW BUSINESS EMPLOYEES TO USE THEIR PERSONALINFORMATION TECHNOLOGY DEVICES IN THE BUSINESSEXECUTIVE SUMMARYThis is a report of Aztek Company risk management assessment on its trial to choose the best project for its information technology (IT). The report involves the choosing of an IT project from other projects and assessing potential risks that can be involved in that project. The report illustrates different risks affecting financial institutions but specifically those that can affect Aztek Company after implementing the project on allowing employees to use their technology appliances like laptops, mobile phones, software and hardware devices, programs and networks to conduct the business operations (Trydid et al, 2014). In that case the project discusses about any potential risk that may arise in relation to the project. For instance, the project will indicate the risks associated with financial services offered by the Company, security status of the company, possible threats and vulnerable fields and impacts that may be caused by those threats or risks after the project is implemented and the solutions that may be used by the company to reduce those risks, i.e. methods to avoid, prevent and address the risks.2

In that case, financial services risks that affect financial institutions like Aztek Company are basic generic risks that are associated with the company’s services provision. They include risks like systematic risks, credit risks, counterparty risks, operational risks and legal risks. These risksare capable of affecting the financial position of a company. According to Wu et al, 2014, the fact that financial organizations deal with both money and asset value, these risks can cause adverse impacts to the business’s finances, either negatively or positively. The security status risks are basically associated with the company’s technology and cyber security status. Most of the financial institutions are currently prone to the use of technological devices to conduct their daily operations, e.g. businesses have introduced mobile banking which an easier way to access, send and spend funds (Cole et al, 2017). All of these appliances have become a threat to a business’s security system by increasing the opportunity for breach and attack. Furthermore, these cyber security attacks also are a threat to most businesses that use the modern technology methods and devices hence leaving the company’s security system being vulnerable (Hatvani, 2015). All of these threats and risks are capable of causing a lot of negative effects to a business especially in terms of financial status and information theft. Therefore, as for Aztek Company, the project idea faces a lot of challenges but it can be effective and efficient for the company if the risks are assessed and managed carefully. The company, should therefore be able to identify all possible risks in all field and areas of its operations and come up with effective and suitable solutions to mitigate these risks if the project is to succeed. In addition to that, the company should ensure that all the employees, stakeholders and business owners are all on board with the idea and that they intend for it to succeed.3

Table of ContentsINTRODUCTION.....................................................................................................................................5FINANCIAL SERVICES SECTOR REVIEW.......................................................................................5Systematic Risks....................................................................................................................................6Credit Risks...........................................................................................................................................6Counterparty Risks...............................................................................................................................7Operational Risks..................................................................................................................................7Legal Risks.............................................................................................................................................7SECURITY POSTURE REVIEW...........................................................................................................8Types of Cyber Security Risks..............................................................................................................9Mobile banking risks.........................................................................................................................9Social networking risks...................................................................................................................10Security breach and attacks............................................................................................................10Internet of Things............................................................................................................................11THREATS, VULNERABILITIES AND CONSEQUANCES ASSESSMENT...................................12Threats.................................................................................................................................................12Consequences.......................................................................................................................................14DATA SECURITY..................................................................................................................................15Project DataIdentification...................................................................................................................15Data Flow and Access..........................................................................................................................16Risks Mitigation...................................................................................................................................16CONCLUSION........................................................................................................................................16REFERENCES........................................................................................................................................184

INTRODUCTIONInformation Technology (IT) risk management is the application of business principles and practices (that handle business risks) in an IT organization with the aim of controlling, organizing, directing and planning to potential that may occur in the field. IT risk management assists businesses in identifying the risk that relate to business ownership, business operations, influence, adoption and implementation of IT devices and appliances. This means that through IT risk management, businesses are able to avoid, prevent and manage these potential threats to their IT operations or department (Beauchamp-Akatova et al, 2013). Business uncertainties or risks can cause great impacts to business operations, especially the businesses whose operations rely entirely on the information technology department and applications. In that case, IT risk management becomes an important aspect of ensuring information security because of its ability to inflict support on the business operations towards achieving its goals and objectives. Therefore, it is clear it is important for business management team to be able to access and manage IT risks for it succeed.FINANCIAL SERVICES SECTOR REVIEWThere are many business organizations in the world that can be said to be financial institutions offering financial services and products, e.g. depositories (like banks, credit associations and thrifts), insurance companies (life assurance, property, health and injury insurances), investment businesses (real estate, trust funds, REMICs and REITs), finance companies, exchange companies (stock exchange companies, insurance businesses) to name just but a few. The 5

financial institutions are guided and governed by certain specific government rules and regulations in relation to their services and products. The role of these regulations is to help thesefinancial institutions to continue upholding the services they offer to their country or rather customers as well as to the government (Sweeting, 2017). Just like any other business, the financial institutions are faced with different kind of risks during their operations. The risks associated with the provision of financial services by financial institutions differ according to services provided or rather according to the type of institution itself. The different kind of services include the following: origination, distribution, packaging, servicing, intermediation andmarket making services (Schneider et al, 2011). Therefore, financial institutions being some of the most fundamental organizations in every country, they must find ways of managing those risks that are capable of affecting their operations negatively.The following are the risk categories that affect financial institutions:Systematic RisksThese risks are associated with the change of asset value according to systematic aspects. This means that the financial institution assumes this risk personally when its assets change in value due to changes in economic conditions. Examples of these risks are change in interest rates caused by economic changes. Therefore, to be able to manage these kinds of risks, financial businesses focus on tracking, be aware and understand some of the systematic changes that may a risk occurrence like interest rate risks, commodity price risks, foreign exchange risk among others (Acharya et al, 2017).Credit RisksThey occur when the business debtors do no pay back what they owe. This happens mostly to financial businesses that offer crediting services but especially those that that highly illiquid 6

End of preview

Want to access all the pages? Upload your documents or become a member.

Aztek Risk Management & Assessment

|18

|5082

|30

IT Risk Assessment Report for Aztek's Technology Decision

|990

|458

Aztek: Risk Management & Assessment

|18

|4841

|31

Allowing Employees to Bring Your Own Devices at Work (BYOD Project) at Aztek

|13

|5803

|303

Risk Management Report Assignment

|14

|4599

|37

Regulatory Measures and Best Practice

|20

|5821

|53

ITC596 Report on Risk Management Assessment

End of preview

Aztek Risk Management & Assessmentlg...

IT Risk Assessment Report for Aztek's Technology Decisionlg...

Aztek: Risk Management & Assessmentlg...

Allowing Employees to Bring Your Own Devices at Work (BYOD Project) at Azteklg...

Risk Management Report Assignmentlg...