商业银行信息技术风险管理分析-产业经济学专业论文.docxVIP

PAGE PAGE VI innovation, I only hope that this article can be on commercial bank information security management work to a certain extent exploration effect. This article mainly includes three parts of contents: The first part consists of Chapters 1 and 2. First, departure from the concept of information security risks, this section explains the significance and necessity of information security risk management, and put forward ideas and methods. Then, this part put the research status on Summary of the commercial banks information security management, operational risk management, briefly described the domestic and foreign existing safety standards and information security management methodology the main content and characteristic. The second part consists of Chapters 3,4,5. This part described the Commercial Bank of our country informatization develops the current situation, elaborated the risks of the bank information applications, by field analysis of the six risk characteristics and the causes of four areas. On this basis, the 4th and 5th chapter proposed based on risk management, information technology, security operation of commercial banks information security risk management system construction, and described and analyzed a system of detailed measures. The third part is the 6th chapter. This part combines the specific bank network security solution for the management plan, carried out the practice of introduction and analysis. Keywords: Information Technology; Information Security; Commercial Banks; Operational Risk Management 目 录 摘 要 I AbstractII 目 录 IV 第 1 章 绪论 1 1.1 选题背景 1 1.2 问题提出与研究目的 2 1.3 研究思路和方法 2 1.3.1 研究方法2 1.3.2 研究思路3 1.4 章节安排 3 第 2 章 商业银行信息安全管理相关文献综述 5 2.1 信息安全管理的发展和现状 5 2.1.1 信息安全管理国际发展5 2.1.2 信息安全管理国内研究现状6 2.2 银行操作风险管理研究现状 6 2.2.1 国外关于商业银行操作风险的研究现状6 2.2.2 国内关于商业银行操作风险的研究现状8 2.3 信息安全保障的方法论与指引 9 2.3.1 信息和通信技术安全管理（ISO/IEC TR 13335） 9 2.3.2 信息安全管理体系（ISO/IEC 27001） 10 2.3.3 信息及相关技术的控制目标（COBIT）