Table of Contents.

Added on - 22 Sep 2019

  • 18

    pages

  • 5005

    words

  • 125

    views

  • 0

    downloads

Showing pages 1 to 4 of 18 pages
Table of ContentsInformation Governance and Cyber Security............................................................................................- 2 -Introduction............................................................................................................................................- 2 -Information Governance & Cyber Security Policy................................................................................- 2 -Information Governance Policy.........................................................................................................- 2 -Cyber Security Policy........................................................................................................................- 3 -Importance of Information Governance & Cyber Security in PFJ Bank...............................................- 6 -Justification for Implementing Information Governance....................................................................- 10 -Personal Responsibility & Initiatives...................................................................................................- 13 -Conclusion...........................................................................................................................................- 14 -References............................................................................................................................................- 15 -Appendix..............................................................................................................................................- 17 -1|P a g e
Information Governance and Cyber SecurityIntroductionInformation is crucial in terms of banking in managing the customer information and the effectivemanagement of services. This Paper discusses about the implementation of Information Governancepolicy in PFJ bank which is one of the European retails and investment bank operating across Europe. PFJbank holds the trust with the all its established client bases and all relevant stakeholders with its stabilityand security towards their data. The board of directors of PFJ bank trust that strong informationgovernance is essential in safeguarding their most sensitive and private information.This paper justifiesthat the information governance policy meets thePFJ organization’s business needs andalso ensures thatall the information is dealt legally, securely and effectively with minimized risks.Governance refers tocontrol, accountability, responsibility of any issues inside the Organization. With this policy implementedthe organization can establish a strong logical framework to handle theirsecured information.Information Governance & Cyber Security PolicyInformation Governance PolicyInformation is considered as a most vital asset in terms of all types of organization and Institutions. Henceit is therefore necessary in providing appropriate policies and procedures in managing and securing them.Information governanceis the management of information within an organization securely. It also provideslegal compliance, transparency in its operation and reducing costs.To protect the bank’s information fromeither internal or external threats, information governance policy can be implemented which providesquality and provides strategic decision making. Collectively information management refers to efficientcoordination and control of information from external and internal sources.Information Governance Framework (IGF):The Information Governance Framework is a frameworkwhich provides a format of capturing the data and information of the bank customers in all formats thatcan be used from archives.It provides a logical framework in which the employees can handle their dataand information through information governance policies. It outlines the approach of how to handle theElectronically Stored Information(ESI)by the Employees with Compliance, risk management,accountability and security. This framework also constitutes some factors which are related directly orindirectly to information in bank.2|P a g e
Fig 1: Information Governance FrameworkThere are some factors that should be considered by banks in an information governance framework. Theyare:a.Information serves great value to banks nowadays and it is essential for why they need and what aninformation that must handle with it.b.Banks may implement information governance through IGFafter verified by the selected group of bankexecutives.c.To deal with the dynamic banking industry, information governance framework should considermultiple aspects of the information and governance that are able to deal the issues inside the bank.d.Information governance framework in banks includes several factors and some of them areaccessibility, Compliance, Consummation, ethics, monitoring, privacy, security, mobility, transparencyand value.e.Some IGF deals consists ofDimensionsandFactors. Dimensions are the first level of framework andthey are the grouping of interconnected information. Factors are second level and they identify theissues that the bank must address to implement the IGF.[CITATION Tam \l 1033 ]Cyber Security PolicyThe Internet banking orE-bankinghas become one of the fastest and convenient way of bankingnowadays andcyberthreats are also at an increasing rate in banking and e-commerce industries. Bankshave migrated their operations widely to Internet banking because of its high rate of customer experienceat reduced cost. It also led to huge number of security threats to the customers. So, it is responsibility of abank to deploy more security policies and safeguard internet banking experience.3|P a g e
An attack via cyber space to disrupt, disable or destroy a computer infrastructure maliciously and collapsethe data or stealing the secured information are calledcyberAttack.CyberSecurityis the ability toprotect the system from these cyber attackers. Example could be, when a user signs in a webpage withsomeone’s credentials from another device, an automated notification must be sent to the customer’sregistered mobile number.[ CITATION Jaa \l 1033 ]Some of the practices the PFJ bank can implement to have a safe e-banking areOperating Systemmust to be up to date to protect from the malware and when a software is downloadedfrom a 3rdparty site, it also downloads some malicious codes which can be hidden inside the software.Installing an Antivirus detects any suspicious virus that is residing on the system and delete them.Browsersare the most probable medium for the cyber attackers. If the browsers are not frequentlyupdated, then there is a chance of sharing that customer’s data with someone.Managingpasswordsis essential criteria. Passwords must be more unique to recognize which preventsthe unauthorized access. Changing the passwords once in every 6 months is a good practice and limitingthe number of attempts to try also provide good security.Understanding Banking agreement:A recent survey had a report that the users do not read andunderstood the complete online banking agreement which highlights some of the security policies and theareas which the bank want to educate their customers on sensitive nature of internet banking. The bankbelieves that the customers has clearly understood the terms and conditions for online banking whenhe/she signs the contract.[ CITATION Mun \l 1033 ]Taxonomy of Cyber-attacks:Cyber-attacks cause potential impact to the information in a bank and they are classified mainly intoSyntactic and Semantic Attacks. Syntactic attacks deal with viruses and trojans and Semantic attacks arethose which interfere with the bank server and network and distract them. To facilitate more deeperunderstanding in the cyber-attacks, we should describe the different types of cyber-attacks. These attacksmay be from the inside organization or external. This classification will provide an outline of the range ofharms and the impacts that creates within the bank’s security structure.[ CITATION Mar \l 1033 ]Data Breaches: Data breaches is one of the commontypes of cyber event in which the personalinformation such as usernames & passwords, credit card numbers and other personal information either ina printed or digital information. Most Commonly this occurs from the theft laptop or computers containingpersonal information to steal the financial information of a person.4|P a g e
desklib-logo
You’re reading a preview
card-image

To View Complete Document

Become a Desklib Library Member.
Subscribe to our plans

Download This Document