| With the development of information technologies, electronic banking becomes more and more popular. However, serious financial frauds through electronic banks happen frequently. Administration and supervision authorities came to realize that risk management of the systems is imperfect and lack of active risk assessment mechanism. Therefore, China Banking Regulatory Commission and the People's Bank of China emphasized the importance of information systems risk control and asked the information risk management of the electronic banking system to meet requirements repeatedly. In order to achieve objectives and enhance risk control, a series of strategies, stands, procedures and methods must be established and implemented to build up a dynamic process and mechanism in all the risk issues. Commercial banks must build up a framework and a set of methods for electronic banking risk control evaluation so as to standardize electronic banking internal assessment and external audit, and to improve the internal control mechanism. So that a long-term risk management mechanism can be formed for secure and stable transaction operation and these requirements can be proactively met.This paper attempts to examine the risk assessment of electronic banking system and offers an attentive solution to its problem. The main work of this paper:Firstly, we survey the various security models and then proposed our risk assessment approaches. Secondly, fundamental parameter system matrixes are formed based on various risk factor abstraction and quantification. Thirdly, fundamental parameter systems are transferred to key parameter systems based on assessment requirements of No.9 [2006] China Banking Regulatory Commission. Fourthly, fundamental parameter system quantitative matrix and key parameter system are combined to form system risk quantitative assessment, and expert evaluation approach is adopted to address the problem of security sub-domain weight misguidance. At last, a simple and easy risk assessment management tool is designed and developed for banking entities based on electronic banking risk assessment approach, helping commercial banks to run and manage risk assessment. This research is well practiced in a number of commercial banking projects, economic and social value is very obvious during the practices. |
PDF Full Text Request