CAIIB · RM

TECHNOLOGY RISK

Chapter notes, video classes, MCQ practice tests and quick-revision one-liners for Risk Management (Elective) — CAIIB.

1 video class 66 one-liners
Quick revision

One-liners from this chapter

Free sample — 8 of 66 rapid-fire Q&A cards.

Q

What is technology risk in the context of banking operations?

A

Technology risk refers to the risk of loss arising from failures in information systems, infrastructure, or technology-related processes that support banking operations. It includes risks from hardware failures, software defects, cyberattacks, and inadequate IT governance.

Q

What is an Advanced Persistent Threat (APT) in banking cybersecurity?

A

Long-term targeted attack by sophisticated actors on bank systems

Q

How does the Basel Committee classify technology risk within the broader risk taxonomy?

A

The Basel Committee classifies technology risk as a subset of operational risk, defined as the risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events. IT failures fall under the 'systems' category of this definition.

Q

What is a zero-day vulnerability in the context of banking technology risk?

A

Unknown software flaw exploited before vendor releases a patch

Q

What is cyber risk and how does it differ from general technology risk?

A

Cyber risk specifically refers to the risk of financial loss, reputational damage, or regulatory penalty arising from malicious attacks on digital systems such as hacking, phishing, ransomware, and data breaches. General technology risk is broader and also includes non-malicious failures like hardware crashes or software bugs.

Q

What is a firewall and how does it protect banking networks?

A

Network security device filtering unauthorised incoming and outgoing traffic

Q

What is the role of RBI's IT Framework for Banks (2011) in managing technology risk?

A

RBI's IT Framework for Banks (2011) mandates that banks establish an IT governance structure, IT risk management framework, information security policy, and IT audit function. It requires banks to align IT strategy with business strategy and ensure Board-level oversight of technology risk.

Q

What is an Intrusion Detection System (IDS) used for in banks?

A

Monitors network traffic to detect and alert suspicious activities

Unlock all 66 one-liners

Self-quiz mode with hidden answers + printable deck.

Open the deck
Watch & learn

Video classes for this chapter

Master the full RM syllabus

Every chapter of Risk Management (Elective) — videos, tests, notes and one-liner decks in one place.