An optimization model for the management of security risks in banking companies

The increasing importance of information and communication technologies (ICT), new regulatory obligations (e.g. Basel II) and growing external risks (e.g. hacker attacks) put security risks in the management focus of banking companies. Management has to decide whether to accept expected losses, to invest in technical security mechanisms in order to decrease the frequency of events, or to invest in insurance policies in order to lower the severity of events. This paper contributes to the development of an optimization model that aims to determine the optimal amount to be invested in technical security mechanisms and insurance policies. Furthermore, the model considers budget and risk limits as constraints and is intended to help practitioners control security risks.