月旦知識庫
 
  1. 熱門:
 
首頁 臺灣期刊   法律   公行政治   醫事相關   財經   社會學   教育   其他 大陸期刊   核心   重要期刊 DOI文章
科技管理學刊 本站僅提供期刊文獻檢索。
  【月旦知識庫】是否收錄該篇全文,敬請【登入】查詢為準。
最新【購點活動】


篇名
金融創新服務之風險管理分析
並列篇名
Risk Management Analysis of Financial Innovation Service
作者 邱安安黃劭彥 (Shaio-Yan Huang)劉福運 (Fu-Yun Liu)鄭嫆琄
中文摘要
近年來各項科技瞬息萬變,讓各產業發生巨大變化,金融創新服務在數位化與商業模式改變中所帶來的影響,各種金融交易都能在行動APP完成,但同時也存在風險,本研究目的係探討金融業APP所面臨的風險,以提供管理團隊建構降低相關風險的管控機制,研究中依據NIST發布網路安全框架(CSF)為核心的設計框架,彙整金融業APP風險項目並對應至各構面下的控管要項,並經由業界專家的問巻結果排序APP風險重要性。本研究得出全體專家都認為重要程度最高之共同項目為「敏感性資料保護」、「傳輸敏感性資料時未加密傳輸」,這個結果顯示出機密資料防護的重要性。
本研究共找出51個金融業APP所面臨的相關風險與威脅,使其在開發APP時能了解潛在與容易發生的風險,並透過專家問巻的分析結果得出風險項目重要性的排名,俾使金融業開發APP時能妥適規劃面對風險的因應流程,強化資安機制並有效降低資安事故的發生,並作為落實資通安全檢查機制和內控的參考依據。
英文摘要
In recent years, the rapid changes in various technologies have led to breakthrough growth in the development of information in various industries. Mobile APPs have a strong impact on business digitalization and the changes in the business model. Various banking transactions can be completed in mobile APPs, but it also comes with risks. The purpose of this research is to discuss the risks faced by financial APPs which can assist the management team to construct a control mechanism to reduce related risks. The paper uses the Cyber Security Framework (CSF) released by NIST as the control element of the design structure and summarizes a list of financial APP risk items. Each risk item corresponds to the control and management mechanism under each aspect. Subsequently, the importance of risk items is ranked through expert questionnaires. This study shows that all experts consider ''sensitive data protection'' and ''unencrypted transmission during transmission of sensitive data'' to be the two most important risk items. This result shows the importance of confidential data protection.
This research suggests that there are 51 relevant risks and threats faced by financial APPs. Banks can understand the potential and easy-to-occur risks when developing APP by obtaining the rank of the importance of risk items through the analysis results of the expert questionnaire. This enables the banks to properly plan the response process to risks when developing APPs, strengthen the information security mechanism and effectively reduce the occurrence of information security accidents. The results can serve as a reference for the implementation of the information security inspection mechanism and internal control.
起訖頁 1-35
關鍵詞 行動應用程式金融創新APP風險管控Mobile AppFinancial InnovationAppsRisk Management
刊名 科技管理學刊  
期數 202312 (28:3期)
出版單位 中華民國科技管理學會
該期刊-下一篇 完成台灣科技廊帶最後一哩路:以多準則分析探討屏東科學園區發展之政策工具
 

新書閱讀



最新影音


優惠活動




讀者服務專線:+886-2-23756688 傳真:+886-2-23318496
地址:臺北市館前路28 號 7 樓 客服信箱
Copyright © 元照出版 All rights reserved. 版權所有,禁止轉貼節錄