Financial Informationization Risk Management & Control In Abroad

As the thorough development of Financial Informationization, finance increasingly depends on computer information systems, which makes the financial information security issues increasingly urgent. It is not only an important affecting to continuous development themself, but also one of the important factors affecting national financial security. Information Risk Management has become a negligent component of Financial Risk Management.In this paper, the author gave a fairly thorough probe into foreign Financial Information Risk Management and Monitoring. and made an overall analysis to the industry regulations and standards which foreign banks are following during the implementation of Information Risk Management, as well as Risk Management measures. Then, To find some successful experience and lessons in Information Risk Management and Control of foreign banks in developed countries. Combining the features of Chinese banks with the facts of Information Risk Management and Control in the recent years, To dissect the current situation and existing problems of Financial Information Risk Control in our country, and to propose we should complete the foundation work of standardization, starting from the construction of Information Security Control System and Architecture. In order to control risks to an acceptable level and to effectively reduce Financial Information Risk, It is need to launch comprehensive Information Technology Risk Management and Control with PDCA, which meant discovering risks, taking correction measures in time, and starting moderate risk prevention, through circle promoting mechanism, such as risk evaluation, risk correction and control, risk inspecting and auditing, monitoring and lasting evolution.The main architecture of Information Security Management and Control System includes Information Security Strategy System, Information Security Management System, Information Security Operating System, and Information Security Technology System. The author recommended macro risk control and micro risk control with security management and technology, from the angle of financial industry's overall development strategy, and also suggested carrying out regulation compliance, technology effectiveness, inspecting and auditing timely, by means of"70% Management, 30% Technology", so as to effectively control Information Technology Risk in every aspect, and practically prevent information risk issues.