A financial institution with a highly regarded reputation for protecting customer interests has recently deployed a mobile payments program.
Which of the following key risk indicators (KRIs) would be of MOST interest to the CIO?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
The correct answer is option C: Total volume of suspicious transactions.
The deployment of a mobile payments program represents a significant change in the way the financial institution conducts its business, and it introduces new risks that must be managed appropriately. The Chief Information Officer (CIO) is responsible for the technology infrastructure that supports the mobile payments program, and therefore, they will be most interested in a KRI that measures the effectiveness of the program's security controls.
Option A: Number of failed software updates on mobile devices is not the most critical KRI for the CIO to monitor since this KRI relates to technical issues rather than security risks. While failed software updates may affect the functionality of the mobile payments program, they do not necessarily pose a significant security risk.
Option B: Percentage of incomplete transactions is also not the most critical KRI for the CIO to monitor because it is a measure of the program's usability rather than its security. While incomplete transactions may indicate technical issues with the program, they do not necessarily pose a significant security risk.
Option D: Failure rate of point-of-sale (POS) systems is not the most critical KRI for the CIO to monitor since it is a measure of the reliability of the hardware used to support the program rather than the security risks associated with the program. While POS system failures may affect the availability of the mobile payments program, they do not necessarily pose a significant security risk.
Option C: Total volume of suspicious transactions is the most critical KRI for the CIO to monitor since it is a measure of the security risks associated with the mobile payments program. A high volume of suspicious transactions may indicate fraudulent activity, which can compromise the security of the program and damage the institution's reputation. By monitoring this KRI, the CIO can identify potential security threats and take appropriate measures to mitigate them.
In conclusion, the CIO of the financial institution should monitor the total volume of suspicious transactions as the most critical KRI to ensure the security of the mobile payments program.