【正文】 ude: Speed of technological change, Increased visibility of publicly accessible works, Less facetoface interaction with financial institution customers. Management should review each of the processes discussed in this section to adapt and expand the institution’s risk management practices as necessary to address the risks posed by ebanking activities. Financial institution management should choose the level of ebanking services provided to various customer segments based on customer needs and the institution’s risk assessment considerations. Institutions should reach this decision through a boardapproved, ebanking strategy that considers factors such as customer demand, petition, expertise, implementation expense, maintenance costs, and capital support. Some institutions may choose not to provide ebanking services or to limit ebanking services to an informational website. Financial institutions should periodically reevaluate this decision to ensure it 5 remains appropriate for the institution’s overall business strategy. Institutions may define success in many ways including growth in market share, expanding customer relationships, expense reduction, or new revenue generation. If the financial institution determines that a transactional website is appropriate, the next decision is the range of products and services to make available electronically to its customers. To deliver those products and services, the financial institution may have more than one website or multiple pages within a website for various business lines. Financial institutions should base any decision to implement ebanking products and services on a thorough analysis of the costs and benefits associated with such action. Some of the reasons institutions offer ebanking services include: Lower operating costs, Increased customer demand for services, and New revenue opportunities. The individuals conducting the costbenefit analysis should clearly understand the risks associated with ebanking so that cost considerations fully incorporate appropriate risk mitigation controls. Without such expertise, the costbenefit analysis will most likely underestimate the time and resources needed to properly oversee ebanking activities, particularly the level of technical expertise needed to provide petent oversight of inhouse or outsourced activities. Security threats can affect a financial institution through numerous vulnerabilities. No single control or security device can adequately protect a system connected to a public work. Effective information security es only from establishing layers of various control, monitoring, and testing methods. While the details of any control and the effectiveness of risk mitigation depend on many factors, in general, each financial institution with external connectivity should ensure the following controls exist internally or at their TSP. Conclusions A financial institution’s board and management should understand the risks associated with ebanking services and evaluate the resulting risk management costs against the potential return on investment prior to offering ebanking services. Poor ebanking planning and investm