List of Figures
List of Tables
Preface
Acknowledgments
Foreword
INTRODUCTION TO E-BANKING
E-Banking Basics
Evolution of e-banking
Impact on traditional banking
E-banking components
Regulatory approval
E-Banking Risks
Strategic risk
Operational risk
Compliance risk
Reputational risk
Other risks
Risk management challenges
The five-pillar approach
Product and Service-specific Risks
Internet banking
Aggregation services
Bill presentment and payment
Mobile banking
Weblinking
Electronic money
Cross-border transactions
New products and services
RISK MANAGEMENT
Risk Management Framework
Policies and procedures
Risk management process
Operational risk management
Governance and internal controls
Risk Management Organization
Organization structure
Board and senior management
Executive risk committee
IT management
Internal and external audit
International Standards
Basel Committee on banking supervision
COBIT 4.0
ISO 17799
OCTAVE
COSO - enterprise risk management
PCI data security standard
Financial Action Task Force
Corporate governance codes
Regulatory guidelines
INFORMATION SECURITY
Information Security Management
Security objectives
Security controls
Security risk assessment
Classification of controls
Monitoring and testing
Incident response plan
Operational Controls
Personnel issues
Segregation of duties
Technical issues
Database management
Change management
Backups and off-site storage
Insurance
Fraud management
Technical Controls
Logical access controls
Identification and authentication
Authentication methods
Audit trails
Network security
Firewalls
Malicious code
Information security incidents
OUTSOURCING
Outsourcing in E-Banking
Types of outsourcing
Material outsourcing
Supervisory approach
Key risks of outsourcing
Board and senior management responsibility
Outsourcing policy
Managing Outsourced Services
Outsourcing decisions
Risk assessment and control
Service provider due diligence
Offshoring
Contingency plans
Customer service
Monitoring and audit
Outsourcing Contracts
Contractual provisions
Right of access clauses
Termination clause
Offshoring contracts
Confidentiality and security clauses
Business continuity clauses
BUSINESS CONTINUITY
Business Continuity Management
The main drivers
Board and senior management responsibility
Components of BCM
Business impact analysis
BIA methodologies
Recovery strategy
Business Continuity Plan
Major components of BCP
Continuity management team
Recovery procedures
Resource requirements
External communications
Plan maintenance
Awareness and training
Testing of BCP
Testing methods
Data Centers and Alternate Sites
Evolution of data centers
Location of the sites
Mitigating concentration risk
Data center design
Logistics management
Maintenance procedures
Alternate site models
External support
Business continuity in real life
LEGAL AND REGULATORY COMPLIANCE
Table of Contents provided by Publisher. All Rights Reserved.