Information Technology/Information System Risk Management in a Banking Industry
The etymology of the word “Risk” can be traced to the Latin word “Rescum” meaning Risk at Sea or that which cuts. Risk is associated with uncertainty and reflected by way of charge on the fundamental/ basic i.e.in the case of business it is the Capital, which is the cushion that protects the liability holders of an institution. Banks are compelled to encounter various kinds of financial and non financial risks. These risks are interdependent and events affecting one area of risk can have ramifications and penetrations for a range of other categories of risks. In the current scenario the Information Technology/Information System Risk management became the most inevitable task of the bank. The increase in tremendous number of fraudulent transactions via password compromising, OTP sharing, phishing etc may cause wide range of possibilities of threats to the firewall of the organisation.
This article mainly deals with the major Information system threat that arouse in banking industry. After a brief description on it, the study leads to the possible ways of managing the risk Importance of risk management program has been briefly illustrated. The role of Information Technology department in banking industry in safe guarding the privacy of the customer, their account details and other sensitive data of the bank has been briefed. As a conclusion, the article describes about the avoidance of risk through the approaches Avoid, Reduce, Transfer, and Accept. As technology increases day by day, the possibility and loopholes for new fraudulent are increasing. In practice there is no single unified solution for IT Risks. It's been said that we can control to an extend cannot be eradicated.
Keywords - Risk Assessment, Risk Management, Risk Avoidance