Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Complete the table according to the requirements L TMR Bank Executive Summary TMXBank, Inc. is a profitable regional financial institution with more than $1.2 billion
Complete the table according to the requirements
L TMR Bank Executive Summary TMXBank, Inc. is a profitable regional financial institution with more than $1.2 billion of controlled assets that serves a three-state area in the Southeastern USA. In the last several years, the bank has facilitated growth through the acquisition of small local banks to create a broader geographic presence. In recent strategy mapping sessions, the leadership of TMXBank identified several strategic initiatives it seeks to pursue - 1) continue growth, 2) reduce cost, and 3) improve efficiency of operations. Business Challenges Core banking systems require modernization. a. TMXBank cannot adequately support the functionality of banks it acquired. Staff are stretched to the limit in their efforts to support the disparate systems. b. From a technology viewpoint, integrating the core banking systems with new applications is complex, and the skill set that is needed to maintain the legacy core systems is becoming harder to find. c. See the attached Overview of TMXBank' s systems There are concerns regarding compliance. d. There are concerns about TMXBank' s ability to comply with industry regulations. As the bank has grown it has become subject to additional banking regulations. e. With the continued growth of the bank, the IT staff has become responsible for regulation compliance for which the bank is now accountable. Narrative below is from your discussion with the bank VP of IT. "For all of our core banking account transactions, we run our new $4 million banking app suite on a multi-core transaction processing server that we paid $64,000 on our network that is segregated from all other network nodes and is backed up transaction-by-transaction instantly to two off-site mirror servers. These servers are supported by our 3rd party disaster recovery vendor at an L annual cost of $125,000 per year. These connections are facilitated by two dedicated leased lines that are provided by the vendor. The first server is our redundancy server. If our primary server on site is unavailable the redundant mirror can instantly function as a replacement for the primary server for as long as required. The second off-site mirror is a disaster recovery server. Its primary use is to restore data in the event that the primary transaction process server has a data loss. In the event of multiple failures of the primary and redundant servers, this server could be employed for transaction processing as well. Inside the building, our network is front-ended by a firewall appliance that uses intrusion detection and prevention applications as a well as log capture and analysis apps. This system was purchased 18 months ago for $64,000. Our web server, mail server, and file server are all less than 3 years old and each costed about $4,800 when new. They are segregated on separated network nodes. Likewise, our loan management software and our customer management software, both purchased last year for a combined $132,000, run on a separate server identical to the hardware used for our other apps, that is also on a segregated network node from all other resources. The database server, again similar to our other hardware, with all customer data is in this node. All of these resources are administered by the Network Manager. Connected to our network are 5 teller terminals at which tellers key customer transactions during regular business hours. There are 10 workstations deployed in the building. Two are utilized by our loan officers, four are utilized by our CEO, CFO, VP of Lending, and Manager of Tellers, two are utilized by the Network Manager and his direct report the Network Analyst and the other workstation is mine. There are various job-specific applications cloud sourced from vendors available on each of these workstations and all software is properly purchased from vendors for an annual subscription fee of $200,000." Overview of TMXBank Systems: Web Server Authorization Serve Customer SOL Database FIREWALT In Branch Terminals Internet FIREWAL LIREWALT FIREWALL TIREWALL In Branch Terminals FIREWALL FIREWALL Ir-Branch Terminals Internet Banking Servo Transaction Processing Server Dedicated Leased Iines Branch Servers Mein Branch Remote Branches Required: Complete a Quantitative Risk Assessment by computing SLE, ARO, and ALE. You may need to do some outside research to determine what numbers are appropriate for this assessment. Make sure you explain/justify your use of outside numbers. Note: Quantitative Risk Assessment by computing SLE, ARO, and ALE Single loss expectancy (SLE)-The total loss expected from a single incident. An incident occurs when a threat exploits a vulnerability. The loss is expressed as a dollar value such as $5,000. It includes the value of hardware, software, and data. Annual rate of occurrence (ARO)-The number of times an incident is expected to occur in a year. If an incident occurred once a month in the past year, the ARO is 12. Assuming nothing changes, it's likely that it will occur 12 times next year. Annual loss expectancy (ALE)The expected loss for a year. ALE is calculated by multiplying SLE X ARO. Because SLE is a given in a dollar value, ALE is given as a dollar value. For example, if the SLE is $5,000 and the ARO is 12, the ALE is $60,000 ALE = ARO * SLE Risk Assessment SLE ARO ALE eXPLAINATION 1. Threat to service availability 2. Standardization and modernization 3. Overworked employees 4. Existing systems and new applications are integrated 5. Communication breakdown between branches 6. Observance of banking industry norms 8. IT personnel responsibility of ensuring that standards are followed. 9. Increasing Competition 10. Shortcomings in security standards 11. Reputational Damage L TMR Bank Executive Summary TMXBank, Inc. is a profitable regional financial institution with more than $1.2 billion of controlled assets that serves a three-state area in the Southeastern USA. In the last several years, the bank has facilitated growth through the acquisition of small local banks to create a broader geographic presence. In recent strategy mapping sessions, the leadership of TMXBank identified several strategic initiatives it seeks to pursue - 1) continue growth, 2) reduce cost, and 3) improve efficiency of operations. Business Challenges Core banking systems require modernization. a. TMXBank cannot adequately support the functionality of banks it acquired. Staff are stretched to the limit in their efforts to support the disparate systems. b. From a technology viewpoint, integrating the core banking systems with new applications is complex, and the skill set that is needed to maintain the legacy core systems is becoming harder to find. c. See the attached Overview of TMXBank' s systems There are concerns regarding compliance. d. There are concerns about TMXBank' s ability to comply with industry regulations. As the bank has grown it has become subject to additional banking regulations. e. With the continued growth of the bank, the IT staff has become responsible for regulation compliance for which the bank is now accountable. Narrative below is from your discussion with the bank VP of IT. "For all of our core banking account transactions, we run our new $4 million banking app suite on a multi-core transaction processing server that we paid $64,000 on our network that is segregated from all other network nodes and is backed up transaction-by-transaction instantly to two off-site mirror servers. These servers are supported by our 3rd party disaster recovery vendor at an L annual cost of $125,000 per year. These connections are facilitated by two dedicated leased lines that are provided by the vendor. The first server is our redundancy server. If our primary server on site is unavailable the redundant mirror can instantly function as a replacement for the primary server for as long as required. The second off-site mirror is a disaster recovery server. Its primary use is to restore data in the event that the primary transaction process server has a data loss. In the event of multiple failures of the primary and redundant servers, this server could be employed for transaction processing as well. Inside the building, our network is front-ended by a firewall appliance that uses intrusion detection and prevention applications as a well as log capture and analysis apps. This system was purchased 18 months ago for $64,000. Our web server, mail server, and file server are all less than 3 years old and each costed about $4,800 when new. They are segregated on separated network nodes. Likewise, our loan management software and our customer management software, both purchased last year for a combined $132,000, run on a separate server identical to the hardware used for our other apps, that is also on a segregated network node from all other resources. The database server, again similar to our other hardware, with all customer data is in this node. All of these resources are administered by the Network Manager. Connected to our network are 5 teller terminals at which tellers key customer transactions during regular business hours. There are 10 workstations deployed in the building. Two are utilized by our loan officers, four are utilized by our CEO, CFO, VP of Lending, and Manager of Tellers, two are utilized by the Network Manager and his direct report the Network Analyst and the other workstation is mine. There are various job-specific applications cloud sourced from vendors available on each of these workstations and all software is properly purchased from vendors for an annual subscription fee of $200,000." Overview of TMXBank Systems: Web Server Authorization Serve Customer SOL Database FIREWALT In Branch Terminals Internet FIREWAL LIREWALT FIREWALL TIREWALL In Branch Terminals FIREWALL FIREWALL Ir-Branch Terminals Internet Banking Servo Transaction Processing Server Dedicated Leased Iines Branch Servers Mein Branch Remote Branches Required: Complete a Quantitative Risk Assessment by computing SLE, ARO, and ALE. You may need to do some outside research to determine what numbers are appropriate for this assessment. Make sure you explain/justify your use of outside numbers. Note: Quantitative Risk Assessment by computing SLE, ARO, and ALE Single loss expectancy (SLE)-The total loss expected from a single incident. An incident occurs when a threat exploits a vulnerability. The loss is expressed as a dollar value such as $5,000. It includes the value of hardware, software, and data. Annual rate of occurrence (ARO)-The number of times an incident is expected to occur in a year. If an incident occurred once a month in the past year, the ARO is 12. Assuming nothing changes, it's likely that it will occur 12 times next year. Annual loss expectancy (ALE)The expected loss for a year. ALE is calculated by multiplying SLE X ARO. Because SLE is a given in a dollar value, ALE is given as a dollar value. For example, if the SLE is $5,000 and the ARO is 12, the ALE is $60,000 ALE = ARO * SLE Risk Assessment SLE ARO ALE eXPLAINATION 1. Threat to service availability 2. Standardization and modernization 3. Overworked employees 4. Existing systems and new applications are integrated 5. Communication breakdown between branches 6. Observance of banking industry norms 8. IT personnel responsibility of ensuring that standards are followed. 9. Increasing Competition 10. Shortcomings in security standards 11. Reputational DamageStep by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started