中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/89826
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 42710812      線上人數 : 1442
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/89826


    題名: 銀行業資訊安全法規遵循制度之研究──以內部稽核職能及金融業資訊安全重大事件為中心;A study of information security compliance issue in banking - Focusing on internal audit function and major disciplinary cases
    作者: 高偉程;Kao, Wei-Cheng
    貢獻者: 資訊管理學系在職專班
    關鍵詞: 法令遵循;資訊安全;內部稽核;電腦稽核;巴賽爾銀行監理委員會;Compliance;Information Security;Internal Audit;Computer Audit;Basel Committee on Banking Supervision
    日期: 2022-07-11
    上傳時間: 2022-10-04 12:01:15 (UTC+8)
    出版者: 國立中央大學
    摘要: 由於科技快速發展與金融服務普及,越來越多銀行業者將科技帶進組織所提供的服務中。雖然科技帶來便利,但相對的也帶來風險。民國105年臺灣發生了本土金融史上第一起駭客入侵銀行ATM系統事件,共計損失8,000萬餘元。民國106年遠東國際商業銀行的國際匯款系統SWIFT發生駭客在成功入侵盜轉了18億元匯款到海外。銀行是個歷史悠久的古老行業,在面對數位轉型時,傳統的金融業高階管理人員是否能夠理解資訊科技所帶來的風險?
    本研究主要透過各國之法規、各國際組織之文獻的分析,來比較研究我國與各金融中心先進國家(如:美國、香港、英國、澳洲等)金融業資訊安全制度,了解其中差異並彙總分析。另外研究中也說明各國際公認組織之內部稽核最佳實務,並經由歸納比較我國金融主管機關金管會所公告之資訊安全相關裁罰、未裁罰之重大事件及相關新聞,透過內部稽核人員的角度了解事件的發生是否源自於系統面或是制度面的不足,也將裁罰案例之缺失態樣與前述最佳實務對比,找到稽核職能應改善之處。
    本研究結果顯示,香港主管機關HKMA所頒佈之CFI為較全面的資安規範,其餘各主要金融中心之規範普遍缺乏系統面之規範,並且許多未對內部稽核訂定相關要求,而國內主管機關甚至未對於金融業之資訊安全訂立專法。此外,有關金融業資安事件,則以組織內部發生之事件為大宗,而組織資訊作業之改善應以系統面與制度面並重,且內部稽核職能之資訊作業相關之查核作業應由專業資訊內稽人員負責進行查核,同時也應著重於確認控制措施制度之建立是否已完備。;Due to the development of technology and the popularity of financial services, more and more banks are bringing technology into the services offered by their organizations. Although technology brings convenience, it also brings risk. In Taiwan, the first hacking of a bank ATM system in the history occurred in 2016, with a total loss of over NT$80 million. In 2017, hackers successfully hacked Far Eastern International Commercial Bank′s international remittance system, SWIFT, and transferred NT$1.8 billion in remittances overseas. Banking is an ancient industry with a long history. To face the digital transformation, can traditional financial executives understand the risks brought about by information technology?
    This study compares and analyzes the information security systems of the financial industry in Taiwan with other financial centers (e.g., the United States, Hong Kong, the United Kingdom, Australia) through the analysis of national regulations and the publications of various international organizations. In addition, the study explains the internal audit best practices of various international organizations, and through case summaries analyzes the information security-related penalties announced by the Financial Supervisory Commission, the financial authority in Taiwan, and the major events and related news, to understand from internal auditor′s point of view whether the occurrence of events is due to system or regulations deficiencies. The study also compares the penalized cases with the best practices to identify where the audit function could be improved.
    The results of this study show that the CFI issued by the Hong Kong authority, HKMA, is most comprehensive information security regulation, while the other major financial centers generally lack systematic requirements and do not have relevant requirements for internal auditing. The domestic authority does not even have a specific law on information security in the financial industry. The improvement of information operations of the organization should be emphasized both systematically and institutionally, and the audit operations related to information operations of the internal audit function should be conducted by professional information internal auditors, and emphasis should also be placed on confirming whether the system of control measures has been established.
    顯示於類別:[資訊管理學系碩士在職專班 ] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML82檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明