Risk Assessment and Security Policy for Commonwealth Bank Australia

Verified

Added on 2022/11/13

AI Summary

This report provides a risk assessment for the Commonwealth Bank of Australia (CBA), examining potential risks within its IT infrastructure and operational environment. The assessment identifies various threats, including cyber-attacks, data infiltration, and legislative risks, and their potential impact on the bank's operations and reputation. The report proposes mitigation strategies such as multi-factor authentication, secure password protocols, and the implementation of firewalls to enhance security. Furthermore, the report emphasizes the importance of staff education regarding threat assessment and the need to align with technological and policy changes across different countries where CBA operates. The analysis includes a plan, development, and management of a security policy, focusing on the 'My Health Record' system launched by the Australian government, which is designed to integrate into existing local clinical systems. The report covers planning, strategic planning, and resource planning for security policy, along with defining the intent, responsibilities, and scope. It also addresses how to monitor, control, and update the policy over time, highlighting the importance of a robust security framework.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running Head: RISK ASSESMENT 1
Risk Assessment
Name
Institutional Affiliation

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

RISK MANAGEMENT 2
Table of Contents
Common wealth bank Australia......................................................................................................2
Introduction..................................................................................................................................2
Risk in the banks System.............................................................................................................3
Mitigation of the risks..................................................................................................................4
Conclusion.......................................................................................................................................4
References........................................................................................................................................5

RISK MANAGEMENT 3
Commonwealth bank Australia
Introduction
The commonwealth bank of Australia was founded in the year 1911 and was listed as a
public company in the year 1999. During this period the bank has evolved to become a
multinational bank that operates across several countries including, New Zealand, USA, Asia
and across the Middle East. This has propelled the organization to achieve significant financial
margins throughout its years of operation. The bank has a massive 1100 branches worldwide,
and that has enabled them to have more considerable revenue flows on a of verge 20 Billion per
year (Connors & Dake,2018).
For a financial institution worth this much, there ought to be efficient IT infrastructure
that is used to ensure smooth running of all the organization thought the time. This means that
the company has to invest greatly in the technologies that the company uses to ensure efficient
communication and transactions across all its branches.
Risk in the bank's System
With the bank operating in different countries, there is a great risk that the bank may face
attacks from the various networks. Such risks may include cyber-attacks, data infiltration risks or
even physical hardware risks.
Another form of risk might be legislation risks. This is whereby the IT governance of a particular
country changes. This might force the bank also to alter their operations, improve and tranform
their networks. This might affect their security protocols negatively (Weaver & Kiel,2016).

RISK MANAGEMENT 4
These risks may lead to:
1: Loss of data- this is because once the cyber-attacks are initiated, the hackers might delete
crucial information from the bank's system such as financial records of clients. This might ruin
the reputation of the bank which at the moment has millions of customers worldwide.
2. Denial Of Service- This is whereby someone external comes in and infiltrates the bank's
network. By so doing he/she denies the banks customers crucial information or rather paralyzes
the bank from operating at optimal levels. This may include denying customers essential services
and access to their money.
Mitigation of the risks
This risk may be mitigated through, the user of:
1) Multi-factor Authentication- this is whereby before any transaction is processed by the
bank's system, there have to be at least two levels of authentication before the approval is
made.
2) The use of secure Passwords- this is whereby users of the systems are required to change
their password details every time they log in to the systems. This means that a one-time
password is always sent to the user before they are allowed to access their accounts. The
same should be done with the works and staff members of the Bank itself. This would
help prevent internal security breaches.
3) Installations of Firewalls- this is whereby the company installs a system in all their
networks that are placed strategically to monitor the activities of packets of data that are
being transmitted to and from the bank's system. The firewall will be used to flag off any

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

RISK MANAGEMENT 5
suspicious activities that might have a negative influence on the company’s overall policy
and its functionalities.
Conclusion
In conclusion to create a secure banking system the Bank should invest in educating their
staff on different ways of assessing threats. This is in addition to the installations of Firewalls
and the precise assessment of various countries policies in regards to Technology.

RISK MANAGEMENT 6
References
Weaver, C. A., & Kiel, J. M. (2016). Banking information management systems. Cham:
Springer International Publishing.
Connors, J., & Dake, D. (2018). Computer-Based BankingSystems (Doctoral dissertation).