| Summary: | 碩士 === 國立臺灣科技大學 === 財務金融研究所 === 106 === This article adopts a qualitative research method, uses case banks as research subjects, analyzes bank information security and risk management after the occurrence of stolen incidents, and summarizes the following suggestions: (1) To establish an information security special responsibility unit with authority to exercise independence; Report the overall implementation of information security to the Board of Directors; (2) The risk of capital security is actually the risk of the company's operations. In addition to the actual revenue data, the financial report should also include “what security risks are not under control and will (3) The establishment of the SOP process for the notification of security incidents allows the employees to internalize the security response into a part of the workflow and even implanted in the DNA of the employees so that they can truly be properly managed. After the emergency response of the company's assets and security, and the existence of a clear-cut security and security unit, once the security incident occurs, the relevant personnel can perform relevant processing and decision-making in accordance with the powers and responsibilities.
|
|---|
