Risk Management in Financial Information Systems using Bayesian Networks

During the last 20 years many technological advances have inundated the entire spectrum of our everyday lives. None of these advances has had such an impact like the IT revolution which can only compare with the Industrial Revolution of the 18th Century. The advent and acceptance of Information Technology as the norm rather the exception has seen this sector move from a tedious and cumbersome manually managed and run sector, to an almost paperless industry that is almost entirely dependent on Information Systems. With the growth of the dependency on IT, the impact of risk concerns on the development and exploitation of information systems has also increased exponentially. Within the financial services industry, risk management involves assessing and quantifying business risks, then taking measures to control or reduce them. These methods are generally built around a well structured process. However, the product coming from the different risk management steps is still largely informal, and often not analytical enough. This lack of formality hinders the automation of the management of risk-related information. Furthermore, these risk management system focuses on specific phases of the software life cycle, without recognizing that risks in one stage can have an impact on other stages. This necessitates the proposed study in order to propose a generic approach that may be deployed to mitigate risks from the early stages of financial information systems development for daily financial institution operations until the post-implementation phases. This paper proposes a new approach for performing a risk analysis study of financial information systems. It is aimed at developing a generic approach for Risk Analysis and Management applicable from the early phases of information system development unlike in the existing models which are applied after the development process. It can be utilized for identifying and valuating the assets, threats, and vulnerabilities of the information system, followed by a graphical modeling of their interrelationships using Bayesian Networks. The proposed approach will exploit the results of the risk analysis for developing a Bayesian Network model, which presents concisely all the interactions of the undesirable events for the system. Based on “what–if” studies of system operation, the Bayesian Network model identifies and prioritizes the most critical events. Keywords: Riks, risk management, Bayesian Network mode

A Hybrid Approach to Reduction of Packet Loss in Wireless Sensor Network

Wireless sensor networks are spatially distributed autonomous sensors to monitor physical or environmental conditions, such as temperature, sound, pressure, etc. and to cooperatively pass their data through the network to a main location The major role of sensor networks is sensing and delivering data to sink node, reliability is an important characteristic. However WSNs are associated with packet loss, which gets worse through multi-hop routing paths in wireless sensor networks, nodes near the destination have higher packet delivery performance. Numerous reasons for packet loss such as: signal attenuation due to the distance between the nodes, asymmetry in wireless communication links, non-uniform radio signal strength, wireless propagation effects (fading and multipath), interference due to hidden terminal problem, in addition to being  greatly affected by the deployment environment, and the behavior of wireless communication have been noticed. In an attempt to reduce packet loss via WSN, this research study proposes a combined approach of distributed storage system algorithm for wireless sensor networks coupled with Replacing Lost Packets (Packet Loss Concealment)  methods. . In an attempt to reduce packet loss via WSN, this research study proposes a combined approach of Modified distributed storage algorithm for wireless sensor networks (MDSA) coupled with Replacing Lost Packets (Packet Loss Concealment)  methods. During this study, a DSS was designed with both repetition code and regeneration code in case there is a link failure. Results from this study showed that for both codes the success probability of both theory and implementation correlate, while the regeneration code showed the highest success probability. And therefore it was chosen for further study. The implementation of regeneration code results showed that the increasing of field size also correlate with the increasing of success probability for both theory and implementation. The implementation of the proposed PLC results showed that showed that the proposed PLC algorithm improves significantly the quality of speech transmitted over an unreliable network with high packet loss rate. Though, the proposed PLC introduces additional delay which needs to be considered but the increased delay is often a necessary expense if the signal quality is a priority. Key words: Wireless Sensor Network,  Distributed Storage System algorithm, packet loss concealmen

Risk Mitigation and Monitoring Strategies for Financial Information Systems

Risk is a concept that denotes a potential negative impact to an asset or some characteristic of value that may arise from some present process or future event. In everyday usage, risk is often used synonymously with the probability of a known loss. Risk management can be defined as the human activity which integrates recognition of risk, risk assessment, developing strategies to manage it and mitigation of risk using managerial resources. The strategies include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk and accepting some or all of the consequences of a particular risk. The objective of risk management is to reduce different risks related to a pre-selected domain to a level accepted by society. Risk management is the process that allows  managers to balance the operational and economic costs of protective measures and achieve gains in mission capability by protecting the Information systems and data that support their institution’ missions.  This process is not unique to the IT environment; indeed it pervades decision-making in all areas of our daily lives. The head of an organizational unit must ensure that the organization has the capabilities needed to accomplish its mission.  These mission owners must determine the security capabilities that their Information systems must have to provide the desired level of mission support in the face of real-world threats. A well-structured risk management methodology, when used effectively, can help management identify appropriate controls for providing the mission-essential security capabilities. This paper explores various strategies and options for mitigating and monitoring risks facing financial information systems in performing risk management of financial information systems in order to minimize the losses incurred when faced by the various risks. Keywords: Riks, risk mitigation, Risk management, Risk monitorin

Know All About Your Customer

We are in the period where businesses must surely apprehend their customers\u27 experience and behaviour to succeed (or even survive). It is imperative that they can quickly tap into Big Data sources and leverage that data to gain critical insight. This paper covers various channels that generate a large amount of data to feed business analytics and facilitate companies to know everything about their customer. Today we are in the era of the customer where customers, not businesses, are pushing business settlements. For this purpose, it is more necessary than ever for companies to get to know their customers on a profound level, and they are beginning to tap their business analytics for this

Instant Awareness of Fraud and Risk

Internet-based fraud is when the internet is used to steal information and resources for financial gain. Simple fraud scams can seek money or personal details, while others seek personal information that will be misused to obtain money, resources or information by deceptive means. Fraud detection mechanisms support the successful identification of fraudulent system transactions performed through security flaws within deployed technology frameworks while maintaining optimal levels of service delivery and a minimal numbers of false alarms. The strategic method of fraud is an effective way to detect and describe both known and unknown frauds. When used proactively to detect unknown fraud, it provides laser-like accuracy that allows for much more efficient investigation than the traditional shotgun approaches that have been used in the past. A firewall is a piece of software or hardware that secures your computer by limiting who can send you information; some firewalls even help to prevent hackers from using your computer to launch attacks on other computers. Heighten the intelligence of your existing security infrastructure to find hidden patterns and relationships suggesting malicious activity. Make better business decisions about your cyber risks

Implementing Risk Mitigation, Monitoring, and Management in IT Projects

Risk management lies at the intersection of project functions performed by the systems engineer and the project manager. Historically, risk management focused more on management elements such as schedule and cost, and less on technical risks for well-defined or smaller projects. However, larger and more complex projects and environments have increased the uncertainty for the technical aspects of many projects. To increase the likelihood of successful project and program outcomes, the systems engineer and project manager must be actively involved in all aspects of risk management

Enhancing Confidentiality And Integrity In Cloud Computing Using RSA Encryption Standard And MD5 Hashing Algorithm

Cloud computing has revolutionized how services are rendered and used by some many people in the world like providing hardware, software and infrastructural storage to many users at any time. This is in terms of software as a service, platform as a service and infrastructure as a service, hence providing room for convinience to the cloud consumers to choose what they want presently and catering for their future needs since its elastic. With the company’s or individual’s data held by a third party that is the cloud provider, it brings out the security issues in respose to confidentiality, availability and integrity of the data at the cloud provider’s side. In this reseach paper solution is provided to maintain confidentiality of data and integrity of data at the cloud provider’s side. This framework contains RSA encryption standard and MD5 hashing alogorithm. In this solution data is encrypted using RSA which generates both public and private keys used in the encryption and the decryption then using MD5 to generate the hash value which is stored before the data is sent to the cloud provider. The hash value is checked upon retriving of data from the cloud and if its still the same then the data was not modified or tempered with if else then the cloud provider has bleeched the contract. All these approaches undergo through the following steps Encryption, Hashing, Data uploading on a cloud, Verification and Decryption