Belmont State Bank Essay Sample
Belmont State Bank is a big bank with 100s of subdivisions that are connected to a cardinal computing machine system. Some subdivisions are connected over dedicated circuits and others use the dial-up telephone web. Each subdivision has a assortment of client computing machines and ATMs connected to a waiter. The waiter shops the branch’s day-to-day dealing informations and transmits it several times during the twenty-four hours to the cardinal computing machine system. Edward tellers at each subdivision use a four-digit numeral watchword. and each teller’s computing machine is transaction-coded to accept merely its authorised minutess. Perform a hazard appraisal.
First. I will get down with constructing a control spreadsheet for the bank ; which looks much similar Figure 11. 2: ( Fitzgerald. 374 ) .
Then I would place the assets. In this instance. the assets I worry about most are hardware. web package. client package. informations and mission critical applications. The hardware that I am concentrated on is the mail waiters. web waiters. and client computing machines and ATMs connected to them. Equally far as web package. I look at the application package ( mail waiter and net waiter ) along with waiter runing systems and system scenes. With client package. it’s the overall operating systems and system scenes. Organizational information and storage is the focal point ; the databases with records. The mission critical applications are the company web site and fiscal database with spreadsheets/personal history/ applications and assessments ; along with dealing history.
At the top of the list ; is the mission critical applications necessary to carry on business/ for concern endurance. Following. is the organisational information. client package. hardware. and web package. Equally far as menaces. the biggest menaces in order of dollar loss and likeliness of happening are invasion ( internal. external and eavesdropping/hacking ) . sabotage. fraud. larceny of information. denial of service. virus. larceny of equipment and eventually natural catastrophes. When it comes to placing and documenting the controls. I would hold preventive controls ( security guard in the subdivision edifices ) . and package to code the Teller watchwords. I would besides hold application bed firewall ( to protect information shared with the cardinal computing machine ) . virus/malware plans in topographic point. a catastrophe recovery program and extended preparation sing both watchwords and viruses among others. The controls and their functions would be placed in a numerical list and the controls figure placed in the cell. The original spreadsheet would look similar to Calculate 11. 5 afterward: ( Fitzgerald. 379 ) .
The last measure would be to measure how equal the controls are that are in topographic point now. and the grade of hazard associated with each menace. The Delphi squad will observe. prevent and rectify the menaces harmonizing to precedence. Bing that a dedicated circuit/dial up telephone web is used to link subdivisions and waiters transmit information daily to the cardinal computing machine. security is an issue. The invasion controls work decently. but can be upgraded and should be checked quarterly. The catastrophe and devastation menace could utilize farther concern continuity controls. as there is a high grade of hazard here.