Designing Information System Risk Management Framework Based on the Past Major Failures in the Japanese Financial Industry

Watanabe, Kenji; Moriyasu, Takashi

doi:10.1007/978-3-540-89173-4_5

Designing Information System Risk Management Framework Based on the Past Major Failures in the Japanese Financial Industry

Kenji Watanabe¹⁸ &
Takashi Moriyasu¹⁹

Conference paper

1196 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5141))

Abstract

As the financial industry has aggressively implemented ICT (Information and Communication Technology) into their operations, the speed, volume and service areas have also increased dramatically. At the same time, the frequency of information system (IS) related failures have increased and vulnerability has been emerging in the financial industry as one of the critical infrastructure of our society. The paper will define IS risks in the financial industry and discuss designing risk management framework with some indicators through some case studies on the past major information systems failures in the Japanese financial industry, such as the system integration failure due to mega-banks merger in 2002 that caused major service disruption in their settlement and retail payments, the nationwide ATM network failure in 2004 that caused a one-month period of intermittent service disruptions, and the largest stock exchange disruption in 2005 that caused a half-day market closure. The framework defines IS risks with primary risk area (system/operational/ management), risk origin (external, internal), risk nature (static, dynamic), indicator criteria (quantitative, qualitative), and monitoring approach (periodic, event-driven, real-time).

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

The Board of Governors of the Federal Reserve System: Draft White Paper on Sound Practices To Strengthen the Resilience of the U.S. Financial System (2002)
Google Scholar
The White House: National Plan for Information Systems Protection Version 1.0 (An Invitation to a Dialogue) (2000)
Google Scholar
Watanabe, K.: Economical efficiency of outsourcing at bank operations: consideration with “risk-adjusted” point of view. Hitotsubashi Journal of Commerce and Management 37, 39–55 (2002)
Google Scholar
Earl, M.: The Risk of Outsourcing IT. Sloan Management Review 37(3), 26–32 (1996)
Google Scholar
Watanabe, K.: Emerging System Vulnerability of Important Social Infrastructure and Risk Management. In: Proceedings of the 33rd International Conference on Computer and Industrial Engineering, Session F1.3, Jedu, Korea (2004)
Google Scholar
Finne, T.: Information Systems Risk Management: Key Concepts and Business Processes. Computers & Security 19, 234–242 (2002)
Article Google Scholar
Patterson, D.F., Neailey, K.: A Risk Register Database System to aid the management of project risk. International Journal of Project management 20, 265–374 (2002)
Article Google Scholar
Suh, B., Han, I.: The IS risk analysis based on a business model. Information & Management 41, 149–158 (2003)
Article Google Scholar
PricewaterhouseCoopers: Governance, Risk and Compliance - Best Practices and Strategies for Success (2004)
Google Scholar
Davies, D.: WORLD TRADE CENTER LESSONS. Computer Law & Security Report 18(2) (2002)
Google Scholar
Bryson, K.: Using formal MS/OR modeling to support disaster recovery planning. European Journal of Operational Research 141, 679–688 (2002)
Article MATH Google Scholar
Phelps, R.: A New Threat to Add to Your Plan: A Pandemic, Spring World 2004 at Orlando (USA), General Session 5, Disaster Recovery Journal (2004)
Google Scholar
Zimmerman, R.: Decision-Making and the Vulnerability if Interdependent Critical Infrastructure, CREATE REPORT, Report#04-005 (2004)
Google Scholar
Hellström, T.: Critical infrastructure and systemic vulnerability: towards a planning framework. Safety Science 45, 415–430 (2007)
Article Google Scholar

Download references

Author information

Authors and Affiliations

Nagaoka University of Technology, 1603-1 Kamitomiokamachi, Nagaoka, Niigata, 940-2188, Japan
Kenji Watanabe
Hitachi Ltd., Systems Development Laboratory, 890, Kashimada, Saiwai-ku, Kawasaki-shi, Kanagawa, 212-8567, Japan
Takashi Moriyasu

Authors

Kenji Watanabe
View author publications
You can also search for this author in PubMed Google Scholar
Takashi Moriyasu
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computer Science, University of Malaga, 29071, Málaga, Spain
Javier Lopez
Hochschule Technik und Architektur Luzern (HTA), Bodenhofstraße 29, 6005, Luzern, Switzerland
Bernhard M. Hämmerli

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Watanabe, K., Moriyasu, T. (2008). Designing Information System Risk Management Framework Based on the Past Major Failures in the Japanese Financial Industry. In: Lopez, J., Hämmerli, B.M. (eds) Critical Information Infrastructures Security. CRITIS 2007. Lecture Notes in Computer Science, vol 5141. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89173-4_5

Download citation

DOI: https://doi.org/10.1007/978-3-540-89173-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89095-9
Online ISBN: 978-3-540-89173-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics