CAIIB - General Bank Management -Technology Management - PowerPoint PPT Presentation

About This Presentation

Title:

CAIIB - General Bank Management -Technology Management

Description:

Information Systems and Technology. IT Applications and Banking. Networking Systems ... Impersonation - forging identity. Eavesdropping Unauthorised read ... – PowerPoint PPT presentation

Number of Views:1583

Avg rating:3.0/5.0

Slides: 61

Provided by: madhav

Category:

more less

Transcript and Presenter's Notes

Title: CAIIB - General Bank Management -Technology Management

1
CAIIB- General Bank Management -Technology
Management MODULE C

Madhav Prabhu
M. Tech, MIM, PMP, CISA, CAIIB, CeISB, MCTS, DCL
prabhu.madhav_at_gmail.com

2
Agenda

Information Systems and Technology
IT Applications and Banking
Networking Systems
Information System Security and Audit

3
Information Systems and Technology

System terminology
MIS and its characteristics
Data warehouse

4
System Terminology

Systems Development Life Cycle
Planning and analysis defines needed
information etc
Design - data structures, software architecture,
interface
Implementation - Source code, database,
documentation, testing and validation etc.
Operations and maintenance - ongoing

5
SDLC

A framework to describe the activities performed
at each stage of a software development project.

6
Various SDLC Models

Waterfall Model when
Requirements are very well known
Product definition is stable
Technology is understood
New version of an existing product
Porting an existing product to a new platform.

7
Various SDLC Models

V-Shaped SDLC Model when
A variant of the Waterfall that emphasizes the
verification and validation of the product.
Testing of the product is planned in parallel
with a corresponding phase of development
Excellent choice for systems requiring high
reliability tight data control applications
patient information etc.
All requirements are known up-front
When it can be modified to handle changing
requirements beyond analysis phase
Solution and technology are known

8
Various SDLC Models

Prototyping Model when
Developers build a prototype during the
requirements phase
Prototype is evaluated by end users and users
give corrective feedback
Requirements are unstable or have to be clarified
Short-lived demonstrations
New, original development
With the analysis and design portions of
object-oriented development.

9
Type of Information Systems

Transaction Processing Systems
Management Information Systems
Decision Support Systems

10
MIS Structure

Strategic Top management
Tactical Middle Management
Operational Lower Management

11
Strategic

External information Competitive forces,
customer actions, resource availability,
regulatory approvals
Predictive information long term trends
What if information

12
Strategic Management

The People
Board of Directors
Chief Executive Officer
President

Decisions
Develop Overall Goals
Long-term Planning
Determine Direction
Political
Economic
Competitive

13
Tactical

Historical information- descriptive
Current performance information
Short term future information
Short term what if information

14
Tactical Management

Decisions
short-medium range planning
schedules
budgets
policies
procedures
resource allocation

People
Business Unit Managers
Vice-President to Middle-Manager

15
Operational

Descriptive historical information
Current performance information
Exception reporting

16
Operational Management

Decisions
short-range planning
production schedules
day-to-day decisions
use of resources
enforce polices
follow procedures

People
Middle-Managers to
Supervisors
Self-directed teams

17
MIS System

MIS provides information about the performance of
an organization
Think of entire company (the firm) as a system.
An MIS provides management with feedback

18
MIS The Schematic
The FirmProcessing
Input Raw Materials, Supplies, Data, etc.
Output Products, Services, Information etc.
MIS
Managers, VPs, CEO
19
MIS - Questions
Q How are we doing? A Look at the report from
the MIS Generic reports Sales, Orders,
Schedules, etc. Periodic Daily, Weekly,
Quarterly, etc. Pre-specified reports Obviously,
such reports are useful for making good decisions.
20
How is a DSS different?

MIS
Periodic reports
Pre-specified, generic reports

DSS
Special reports that may only be generated once
May not know what kind of report to generate
until the problem surfaces specialized reports.

21
MIS vs. DSS Some Differences

In a DSS, a manager generates the report through
an interactive interface
More flexible adaptable reports
DSS Reporting is produced through analytical
modeling, not just computing an average, or
plotting a graph.
Business Models are programmed into a DSS

22
Decision Support System

Broad based approach
Human in control
Decision making for solving structured/unstructure
d problems
Appropriate mathematical models
Query capabilities
Output oriented

23
Types of Decisions
Operational Tactical Strategic
Un-structured Cash Management Re-engineering a process New e-business initiatives Company re-organization
Semi-structured Production Scheduling Employee Performance Evaluation Capital Budgeting Mergers Site Location
Structured Payroll
24
Project Management

Planning Tools
Gantt chart
PERT
Interdependencies
Precedence relationships
Project Management software

25
Information Technology

Some IT systems simply process transactions
Some help managers make decisions
Some support the interorganizational flow of
information
Some support team work

26
When Considering Information,

The concept of shared information through
decentralized computing
The directional flow of information
What information specifically describes
The information-processing tasks your
organization undertakes

27
INFORMATION FLOWS

Upward Flow of Information - describes the
current state of the organization based on its
daily transactions.
Downward Flow of Information - consists of the
strategies, goals, and directives that originate
at one level and are passed to lower levels.
Horizontal Flow of Information - between
functional business units and work teams.

28
INFORMATION PROCESSING

1. Information Sourcing- at its point of origin.
2. Information - in its most useful
form.
3.Creating information - to obtain new
information.
4.Storing information - for use at a later time.
5.Communication of information - to other
people or another location.

29
Data Centers

Centralised data environment
Data integration
Management awareness
Change impact
Decentralised data environment
Functional specialisation
Local differences
User proximity
User confidence
Lack of central control
Corporate level reporting
Data redundancy
Loss of synergy

30
IT Applications and Banking
31
Banking Systems and software

Multi currency
Multi lingual
Multi entity
Multi branch
Bulk transaction entry
High availability
Performance management

32
Selection criteria

Industry knowledge
Banking IT knowledge
Application familiarity
Project Management
Pricing options
Track record
Incumbency
Technical skills
Accessibility
Total Cost

33
Other systems

Electronic clearing and settlement systems
MICR/OCR
Debit Clearing system
Credit Clearing system
RTGS
Cheque truncation
Electronic Bill presentment and payment
Decrease billing costs
Provide better service
New channels- new revenue

34
Networking Systems
35
Data communications

Electronic mail
Internet Connectivity
Local Area Networking
Remote Access Services

36
Information System Security and Audit
37
Computer Security

Physical security
Logical Security
Network security
Biometric security

38
Physical Security

Intrusion prevention- locking, guarding, lighting
Intrusion detection mechanisms Disturbance
sensors, buried line sensors, Surveillance
Document security
Power supply

39
Logical security

Software access controls
Multiple type of access control
Internal access control based on date, time etc
Max tries
Audit trails
Priviliged access
Encryption

40
Network Security

Physical intrusion
System intrusion

41
Attacks

Impersonation - forging identity
Eavesdropping Unauthorised read
Data alteration Unauthorised edits
Denial of Service attacks - Overloading

42
Intrusion Detection Systems

Categories
NIDS Network Intrusion Detection monitors
packets on network
SIV System Integrity Verifier files sum check
Log file Monitor Log entry patterns
Methods
Signature recognition Pattern recognition
Anomaly detection Statistical anomalies

43
Firewalls

First line or last line of defence?

44
Others

VPN
Encryption
Honey pots

45
Biometric Security

Signature recognition
Fingerprint recognition
Palmprint recognition
Hand recognition
Voiceprint
Eye retina pattern

46
Communication Security

Cryptography
Digital Signatures
PKI
CA

47
Cryptography

Art and science of keeping files and messages
secure.
Encryption
Key to encode
DES and Triple DES, IDEA
Safe key length
Cipher
Decryption

48
Digital Signatures

Usage
Verification
Why use?
Authenticity
Integrity
Confidentiality
Non repudiation
Prerequisites Public private key pair, CA

49
PKI- Public Key Infrastructure

A framework for secure and trustworthy
distribution of public keys and information about
certificate owners called clients
Client
Key Management
High quality secret keys
Generation
Key distribution

50
CA- Certification Authority