| IT as a key infrastructure for securities company to improve the quality of services, improve the management level and enhance the company’s competitiveness, gradually became the basis of a securities company, and enterprise information technology has become an important strategy for securities companies. As all things have two sides, businesses enjoy the convenience brought by information technology, but also assume new risks arising by IT. In recent years, a spate of securities industry and information technology-related accidents happened. it makes the IT risk management become the focus of enterprise and academics. Assessing IT risks scientifically and precisely is the important work in IT risk management.This paper studied the key issues of IT risk assessment, the first application of mind mapping tool to analyze the formation mechanism of IT risks, starting from the formation mechanism, conducting research on the factors that affect the company’s IT risk through scenario analysis, and analyzed and classified of the risk factors, Come to eight categories of information technology risk factors. On the basis of risk identification and classification research, through questionnaires, qualitative and quantitative analysis method of combining the eight categories of risk factors for correction and evaluation, the results show that IT risk factors HX securities currently need to focus on:Company categories factors, physical security factors, personnel management factors and outsourced factors. Finally, consider the results of the risk assessment, proposed a workable strategy to improve IT security risk management: optimizing organizational division of labor; the establishment of a separate IT risk management posts; strengthening technical staff training; improve internal controls and outsourcing risk control. |
PDF Full Text Request