Читать книгу Non-financial Risk Management in the Financial Industry - Группа авторов - Страница 49

According to NIST, “data confidentiality deals with protecting against the disclosure of information by ensuring that the data is limited to those authorized or by representing the data in such a way that its semantics remain accessible only to those who possess some critical information.”[79] Based on this definition, we define data confidentiality risk as the risk of failure of protecting information from being accessed by unauthorised parties.

This spans all types of confidential data in a bank, from personal customer data via employee data to all generated data used for internal operations and reporting.