Emerging Technological Risk


Book Description

Classes of socio-technical hazards allow a characterization of the risk in technology innovation and clarify the mechanisms underpinning emergent technological risk. Emerging Technological Risk provides an interdisciplinary account of risk in socio-technical systems including hazards which highlight: · How technological risk crosses organizational boundaries, · How technological trajectories and evolution develop from resolving tensions emerging between social aspects of organisations and technologies and · How social behaviour shapes, and is shaped by, technology. Addressing an audience from a range of academic and professional backgrounds, Emerging Technological Risk is a key source for those who wish to benefit from a detail and methodical exposure to multiple perspectives on technological risk. By providing a synthesis of recent work on risk that captures the complex mechanisms that characterize the emergence of risk in technology innovation, Emerging Technological Risk bridges contributions from many disciplines in order to sustain a fruitful debate. Emerging Technological Risk is one of a series of books developed by the Dependability Interdisciplinary Research Collaboration funded by the UK Engineering and Physical Sciences Research Council.




Federal Cloud Computing


Book Description

Federal Cloud Computing: The Definitive Guide for Cloud Service Providers offers an in-depth look at topics surrounding federal cloud computing within the federal government, including the Federal Cloud Computing Strategy, Cloud Computing Standards, Security and Privacy, and Security Automation. You will learn the basics of the NIST risk management framework (RMF) with a specific focus on cloud computing environments, all aspects of the Federal Risk and Authorization Management Program (FedRAMP) process, and steps for cost-effectively implementing the Assessment and Authorization (A&A) process, as well as strategies for implementing Continuous Monitoring, enabling the Cloud Service Provider to address the FedRAMP requirement on an ongoing basis. - Provides a common understanding of the federal requirements as they apply to cloud computing - Provides a targeted and cost-effective approach for applying the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) - Provides both technical and non-technical perspectives of the Federal Assessment and Authorization (A&A) process that speaks across the organization




Discovery, Innovation, and Risk


Book Description

Discovery, Innovation, and Risk presents brief descriptions of selected scientific principles in the context of interesting technological examples to illustrate the complex interplay among science, engineering, and society.




Intelligent Internal Control and Risk Management


Book Description

Many people in organizations resent internal control and risk management; these two processes representing unwelcome tasks to be completed for the benefit of auditors and regulators. Over the last few years this perception has been heightened by the disastrous implementation of section 404 of the Sarbanes-Oxley Act of 2002, which is generally regarded as having been too expensive for the benefits it has brought. This important book offers a way of improving this prevailing perception and increasing the value of control and risk management by bringing creativity and design skills to the fore. The value of risk and control activities is often limited by the value of the control ideas available and so Matthew Leitch provides an arsenal of 60 high performance control mechanisms. These include several alternative ways to design controls and control systems, as well as providing controls for monitoring and audit, controls for accelerated learning, and techniques for finding and recovering cash. This design material is combined with insights into the psychology of risk control, strategies for encouraging helpful behaviour and enabling change, and a surprisingly simple integration of internal control with risk management. The book is realistic, practical, original, and easier reading than most in the field. The material is not specific to any one country and has international appeal for internal auditors and all those concerned with risk management, corporate governance and security.




FISMA Compliance Handbook


Book Description

This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook Second Edition explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of Certification and Accreditation is discussed. This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FISMA compliant security assessment. Various topics discussed in this book include the NIST Risk Management Framework, how to characterize the sensitivity level of your system, contingency plan, system security plan development, security awareness training, privacy impact assessments, security assessments and more. Readers will learn how to obtain an Authority to Operate for an information system and what actions to take in regards to vulnerabilities and audit findings. FISMA Compliance Handbook Second Edition, also includes all-new coverage of federal cloud computing compliance from author Laura Taylor, the federal government's technical lead for FedRAMP, the government program used to assess and authorize cloud products and services. - Includes new information on cloud computing compliance from Laura Taylor, the federal government's technical lead for FedRAMP - Includes coverage for both corporate and government IT managers - Learn how to prepare for, perform, and document FISMA compliance projects - This book is used by various colleges and universities in information security and MBA curriculums




Governance and Sustainability in Information Systems. Managing the Transfer and Diffusion of IT


Book Description

This book constitutes the refereed proceedings of the IFIP WG 8.6 International Working Conference on Governance and Sustainability in Information Systems, held in Hamburg, Germany, in September 2011. The 14 revised full papers and 16 research in progress and practice papers presented were carefully reviewed and selected from 47 submissions. The full research papers are organized in the following topical sections:governance, sustainability, design themes, customer and user integration, and future subjects.




Powering the Digital Economy: Opportunities and Risks of Artificial Intelligence in Finance


Book Description

This paper discusses the impact of the rapid adoption of artificial intelligence (AI) and machine learning (ML) in the financial sector. It highlights the benefits these technologies bring in terms of financial deepening and efficiency, while raising concerns about its potential in widening the digital divide between advanced and developing economies. The paper advances the discussion on the impact of this technology by distilling and categorizing the unique risks that it could pose to the integrity and stability of the financial system, policy challenges, and potential regulatory approaches. The evolving nature of this technology and its application in finance means that the full extent of its strengths and weaknesses is yet to be fully understood. Given the risk of unexpected pitfalls, countries will need to strengthen prudential oversight.




Information Technology Risk Management in Enterprise Environments


Book Description

Discusses all types of corporate risks and practical means of defending against them. Security is currently identified as a critical area of Information Technology management by a majority of government, commercial, and industrial organizations. Offers an effective risk management program, which is the most critical function of an information security program.




A Dangerous Master


Book Description

We live in an age of awesome technological potential. From nanotechnology to synthetic organisms, new technologies stand to revolutionize whole domains of human experience. But with awesome potential comes awesome risk: drones can deliver a bomb as readily as they can a new smartphone; makers and hackers can 3D-print guns as well as tools; and supercomputers can short-circuit Wall Street just as easily as they can manage your portfolio. One thing these technologies can't do is answer the profound moral issues they raise. Who should be held accountable when they go wrong? What responsibility do we, as creators and users, have for the technologies we build? In A Dangerous Master, ethicist Wendell Wallach tackles such difficult questions with hard-earned authority, imploring both producers and consumers to face the moral ambiguities arising from our rapid technological growth. There is no doubt that scientific research and innovation are a source of promise and productivity, but, as Wallach, argues, technological development is at risk of becoming a juggernaut beyond human control. Examining the players, institutions, and values lobbying against meaningful regulation of everything from autonomous robots to designer drugs, A Dangerous Master proposes solutions for regaining control of our technological destiny. Wallach's nuanced study offers both stark warnings and hope, navigating both the fears and hype surrounding technological innovations. An engaging, masterful analysis of the elements we must manage in our quest to survive as a species, A Dangerous Master forces us to confront the practical -- and moral -- purposes of our creations.




Technology and Anti-money Laundering


Book Description

. . . a stimulating look at the hard work done in many specialisms that collectively seek to combat money laundering. Sally Ramage, The Criminal Lawyer While there is much noise about the control of money laundering, there are few whose work is able to rise above the din and in clear notes contribute in a constructive manner to the debate. This work is not only an intelligent discussion of many of the substantive issues relating to the control of money laundering, but a great deal more. Drawing on systems theory and seeing the control of money laundering particularly from the standpoint of technology as complex and integral to the proper and effective operation of financial institutions, the author addresses in a novel and practical way the design and management of risk based compliance. The theory is tested, not only in terms of viable technology, but also in an actual case study involving real issues in a bank. Consequently, those concerned with the formulation of policy, the design of controls and procedures and the implementation of such will find the contribution that this book makes of great significance. Barry Rider, Bryan Cave LLP, UK This book avoids the usual trap of interminably listing AML war stories. Instead Dr. Demetis presents a solid theoretical foundation for AML research and practice. He gives a damning critique of the way so-called technological solutions are used uncritically by some AML professionals, and analyses the risk-based approach, describing its problems and ways of avoiding them. He presents a fascinating in-depth case study of a financial institution, and a short case of a bank using technology to improve its True Positive Rate substantially to 17 per cent. Ian Angell, London School of Economics, UK Dr Demetis makes a great contribution to our understanding of anti-money laundering at both a systems and practical level. [He] writes as someone who not only thinks deeply about these issues but, as the in-depth case examples show, has tried to see how far technology can address some audacious goals. Readers will learn that while risk-based approaches to anti-money laundering have been an interesting regulatory development, practical implementation, despite the hype of technology vendors, is still at a primordial state . Michael Mainelli, Gresham College and Z/YEN Group, UK This insightful book examines the influence of information systems on anti-money laundering (AML). It builds on systems theory in order to develop a coherent theoretical framework that can be used for AML research. By using a case study of a major financial institution in the EU-area, a number of technological influences on AML are deconstructed and are used to examine the role that technology plays within AML. The book provides a systems theoretical description of the effects of technology on AML and offers considerations on the risk-based approach the most important contemporary evolution within regulatory initiatives on AML and terrorism financing. Technology and Anti-Money Laundering will appeal to researchers of financial crime and AML as well as those interested in information systems and systems theory. A number of considerations for practitioners are also discussed, including the risk-based approach and the integration of AML-technology in financial institutions, as well as an important data-mining application. Money Laundering Reporting Officers (MLROs) in financial institutions and central bankers will also find much of interest in this book.