Please enable JavaScript.
Coggle requires JavaScript to display documents.
IT (CYBERSECURITY (STRATEGY COMPONENT (RISK IDENTIFICATION, LEGAL &…
IT
CYBERSECURITY
MAIN GOAL
INTEGRITY
AVAILABILITY
CONFIDENTIALITY
TYPES OF ATTACK
SQL INJECTION
DUMP USERNAME & PASSWORD
CROSS-SITE SCRIPTING
INJECT MALICIOUS CODE TO WEBSITE USER
MALWARE
VIRUS
RANSOMWARE
SEND OUT CONFIDENTIAL DATA
PHISHING
BAIT TO TRAP VIA EMAIL
DENIAL OF SERVICE
FLOOD WITH TRAFFIC
SESSION HIJACKING
MAN IN THE MIDDLE
HIJACK IN MID-SESSION
STRATEGY COMPONENT
RISK IDENTIFICATION
LEGAL & REGULATORY
CLOUD MGT
PROCESS & TECH CTRL
3RD PARTY ECOSYSTEM MGT
PROACTIVE MONITORING
SERVICE AVAIL
INCIDENT RESPONSE
SOCIAL & MOBILE MGT
EDU & USER AWARENESS
APT ATTACK PHASE
RECONNAISANCE
RESEARCH
GATHER INFO
INCURSION
BREAK-IN
DISCOVERY
MAP SYSTEM
SCAN FOR CONFIDENTIAL DATA
VULNERABILITIES
CAPTURE
ACCESS DATA
EXFILTERATION
STEAL INFO
PREVENTIVE LAYER
SANDBOXING
BOTNET
EMAIL PROTECTION
WEB PROTECTION
WEB APP FIREWALL
INTRUSION PREVENTION SYS (IPS)
ANTIVIRUS
FIREWALL
COBIT 5
MEET STAKEHOLDERS NEED
END-TO-END COVER
APPLY INTEGRATED FRAMEWORK
ENABLE HOLISTIC APPROACH
SEPARATE GOV & MGT
GPIS1
SYSTEM SECURITY
SYSTEM DEVELOPMENT
OPERATIONS
COMM NETWORK
BIZ RESUMPTION
BOD & MGT OVERSIGHT
IS COMPONENT
HARDWARE
SOFTWARE
APPLICATION TYPE
CORE BANKING SYS
CREDIT CARD
TREASURY
LOAN
TRADE FINANCE
FINANCIAL
DEPOSIT
INTERNET BANKING SYS
ATM BANKING
STOCK MKT MGT
DATA
PEOPLE
PROCESS
AUDIT
FACTORS TO CONSIDER
LARGE MONETARY ITEMS
ASSET VALUE RAPIDLY CHANGED
COMPLEX SYSTEM
ACCOUNTING
IT
WIDESPREAD
BRANCH
DEPARTMENTS
HIGHLY REGULATED
CROSS-BORDER
CHANNELS
eBANKING
ATM
CDM
INTERNET BKG
PHONE BKG
APPROACH
IDENTIFY AUDIT UNIVERSE
DEVELOP AUDIT PLAN
ESTABLISH
IT OBJECTIVES
SCOPE
IT CONTROL
GATHER INFO
EVALUATE THEM
AUDIT TESTING
REPORT FINDINGS
TOOLS (CAAT)
TEST OF DETAILS
TRANSACTIONS
BALANCES
ANALYTICAL REVIEW
COMPLIANCE TEST
VULNERABILITY ASSESSMENTS
SECURITY TEST & SCAN
RISK
AREAS
INFO SECURITY
BCM
MOBILE COMPUTING
CLOUD COMPUTING
IT RISK MGT
PROGRAM / SYS IMPLEMENTATION
IT ASSET MGT
SOCIAL MEDIA RISK MGT
SEGREGATION OF DUTIES
DATA LOSS PREVENTION
ASSESSMENT (ISO 31000)
ESTAB CONTEXT
RISK IDENTIFICATION
RISK ANALYSIS
RISK EVALUATION
RISK TREATMENT
MONITOR & REVIEW
TREATMENT
ACCEPTANCE
AVOIDANCE
TRANSFER
REDUCTION
INFO LIFECYCLE MGT (ILM)
DATA CATEGORY
AT REST
AT USE
IN MOTION
CLASSIFICATION PROCESS
ENTER INTO INVENTORY
CLASSIFY INFO
LABEL INFO
INFO HANDLING
CLASSIFICATION LEVEL
CONFIDENTIAL
RESTRICTED
INTERNAL
PUBLIC
BIG DATA ANALYTICS
CYCLE
DISCOVERY
ITERATION
FLEXIBLE CAPACITY
MINING & PREDICTING
DECISION MGT
TOOLS
DISCOVERY
BUSINESS INTELLIGENCE (BI)
CUSTOMER RELATIONSHIP MGT
INTERACTION ANALYSIS
INVESTMENT PROFILE
INDIVIDUAL PROFILE
LOYALTY
MKT ANALYSIS
CAMPAIGN ANALYSIS
CROSS-SELL ANALYSIS
PERFORMANCE MGT
TRANSACTION
INSURANCE PRODUCT
INVESTMENT ARRANGEMENT ANALYSIS
PROFITABILITY ANALYSIS
CUST LIFETIME VALUE
LOCATION PROFITABILITY
RISK MGT
INT RATE RISK
CREDIT RISK PROFILE
SECURITY ANALYSIS
LIQUIDITY RISK
CREDIT RISK
DEBT RESTRUCTURING
LOCATION EXPOSURE
NPL
OPS RISK
ASSET LIABILITY MGT
LIQUIDITY
S/T FUNDING
CAP ALLOCATION
CREDIT LOSS PROV
NET INTEREST MARGIN VAR
EQUITY POSITION EXPOSURE
COMPLIANCE
SUSPICIOUS ACTIVITY
TRX ACTIVITY
INCOME STMT BY FUNCTION
CASHFLOW ANALYSIS
SOX
BALANCE SHEET
CASHFLOW
IN-DATABASE ANALYTICS
HADOOP
DECISION MGT
CONTROLS
GENERAL
GENERAL IT CTRL
ADMIN CTRL
SECURITY POLICIES
PHYSICAL
MONITOR ACCESS
LOGICAL
MANAGE ACCESS
ORG SECURITY P&P
SDLC
FEASIBILITY ANALYSIS
REQUIREMENT ANALYSIS & SPEC
DESIGNING
CODING
TESTING
IMPLEMENTATION
MAINTENANCE
OPS CTRL
DOC RECORDS
CONTINGENCY PLANNING & BACKUP
CHANGE MGT
CHANGE REQUEST
CATEGORIZE & PRIORITIZE REQUEST
ANALYSE & JUSTIFY
APPROVE & SCHEDULE CHANGE
IMPLEMENT CHANGE
POST-IMPLEMENTATION REVIEW
APPLICATION
INPUT CTRL
PROCESSING CTRL
OUTPUT CTRL
INTEGRITY CTRL
MGT TRAIL
BCM
PREPARE DRP
THREATS
IDENTIFY
ANALYSIS
WEIGHT & CLASSIFY
ASSESS RISK
DETERMINE EFFECTS
EVALUATE RECOVERY MECHANISM
OBJECTIVES
MIN FIN LOSS
CON'T SERVE CUSTOMERS
MAINTAIN
RESUME
RECOVER
MITIGATE -VE EFFECTS
STRATEGIC PLAN
OPERATIONS
BIZ IMPACT ANALYSIS
MAX TOLERABLE DOWNTIME
RECOVERY TIME OBJECTIVE
REPUTATION