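Toward Integrated Enterprise Risk Management, Model Risk Management & Cyber-Finance Risk Management: Bridging Networks, Systems and Controls Frameworks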

Y. Malhotra
Journal: IRPN: Innovation & Finance (Topic)
Publication date: 2015-10-22
Publication type: Journal Article
DOI: 10.2139/ssrn.2792629 (https://doi.org/10.2139/ssrn.2792629)
Citation count: 0

Abstract

By adopting and integrating the 3 levels of specific frameworks discussed herein, a financial institution can develop, maintain, improve, and sustain its enterprise risk management and compliance frameworks. The proposed risk management framework identifies 3 levels for bridging the gaps in industry frameworks of prudent risk management and information assurance. Context-sensitive adaptation can be enabled by integration across vulnerability analysis and penetration testing embedded within the overall systems and networks controls framework and risk management frameworks. Given the discussed contexts of risk management, controls, and compliance frameworks, compliance can benefit from adapting the proposed framework to the institution’s specific needs. Integration across the 3 levels of vulnerability analysis and penetration testing embedded within overall systems and networks controls and overarching risk management frameworks can facilitate such context-sensitive adaptation. From the perspective of the ISACA framework, vulnerability assessment and penetration testing can be embedded within the IT audit framework of assessment of adequacy of internal controls for effective risk management and compliance.