| Self-assessment is the evaluation of owner of the system.Self-assessment is the basic means of internal risk control as well as auditing.Currently models and methods used in the evaluation are too theorized,relying on individual experience, so it is complex to operate,and can’t be wellused by the enterprise. How to construct a scientific, simple, effective fromevaluation model and methods, has become a task that must to be faced andsolved.This article is based on the requirements related to regulatory agencies.In this article, the traditional risk assessment technology is researched firstly,and a self-assessment model is made. Then, based on self-assessmentmodel, for the current situation that self-assessment missions of our bank aremanaged manually, We build a self-assessment of risk-management system.This article describes in detail the design and implementation of the variousmodules, which made dynamic-management of full process ofself-assessment implementation schedule come true. Finally, the articledescribes the pilot work in our bank based on the model. This article solves the problems of the measurement of assets,vulnerabilities, threats, and evaluations in traditional model. Bank operationsare closely combined with the professional risk assessment, and planning riskcontrol range of our bank IT and sub-field of it. The model has a goodadaptability and dynamic nature. |
PDF Full Text Request