Professional Documents
Culture Documents
IT Risk Management
The Business environment is constantly changing and new threats and
vulnerability emerge every day. Secondly the choice of counter
measures (controls) used to manage risks must strike a balance
between productivity, cost, effectiveness of the counter measure, and
the value of the informational asset being protected.
Risk management is the process that allows IT managers to balance
the operational and economic costs of protective measures and achieve
gains in mission capability by protecting the IT systems and data that
support their organizations missions.
This process is not unique to the IT environment; indeed it pervades
decision-making in all areas of our daily lives.
IT systems must have to provide the desired level of mission support in
the face of real world threats. Most organizations have tight budgets for
IT security.
1
FEDBANK
FINANCIAL SERVICES
LIMITED
FEDBANK
FINANCIAL SERVICES
LIMITED
FEDBANK
Array-> Implemented Array to secure the accessibility of the Links to only authorized
users.
Password Protection-> We are protected every applications like User Login, Array, Finnone,
mail, Manage Engine, HRMS,FTP, Domain etc and password policy reset every 45 days.
OTP-> OTP is generated to and the same will be validated during the Loan process to avoid
any wrong mobile numbers of the customers entered into the system which is required to
follow-up and chase during the Auction time, and send SMS about new products.
MPLS-> With the Help of MPLS we could able to bring the systems on domain and possible
to have virtual network internally to communicate from branches to Server located
internally and also escalation and follow-up made easy with the common vendor instead of
different vendor who can be followed only by branch staff.
AMC / Preventive Maintenance-> Vendor will be conducting preventive maintenance on
quarterly and avoid the down time of the equipment.
Plans Pipelined-> Working closely with the Safety and Security solutions vendors like (Tyco,
Zicom etc.) to identify suitable devices which shall give real time alerts on the spot and
also give alert of any attempt of theft / burglary during the day or night time.
4
Educating the user -> Educating user about the Risk involved by connecting BYOD which