Abstract

Presently, the majority of banking services rely on information technology (IT), hence giving rise to numerous vulnerabilities in IT systems, subpar hardware and software, as well as a lack of attention towards human resources (HR) matters. The utilization of automated systems in banking operations, encompassing transaction processing and financial transfers, is contingent upon the administrative organizational structure of the bank. Consequently, a significant challenge arises in the form of evaluating complex procedures and ensuring their effective execution. The present article presents a system designed to perform a risk assessment for banks, with the objective of safeguarding financial information and security access against theft and potential security attacks that exploit vulnerabilities in information systems and communication networks. The system is comprised of three primary components, namely the Network Environment, Server Environment, and Risks Reporting.