DOCSLIB.ORG

Risk IT and Operations: Strengthening Capabilities

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Risk IT and Operations: Strengthening Capabilities Risk IT and Operations: Strengthening capabilities June 17, 2011 Preface The board of directors of the Institute of International Finance (IIF) and members of the Steering Committee on Implementation (SCI) are pleased to present Risk IT and Operations: Strengthening Capabilities (the Report) to the international financial community. This Report aims to assist the industry in addressing weaknesses identified in the recent financial crisis, particularly in the technology and processes that financial-services firms use to support risk management. The Senior Supervisors’ Group (SSG), in its December 2010 report Observations on Developments in Risk Appetite Frameworks and IT Infrastructure, acknowledged the progress firms have made in undertaking 1 significant IT projects to improve risk-data aggregation. However, it also pointed out that considerable work needs to be done to continue to address weaknesses identified during the height of the crisis. The industry recognizes that inadequate risk IT infrastructure and processes can pose challenges to improving risk-management systems. The IIF has long stressed that a resilient financial system depends equally on appropriate and balanced regulation, sound supervision, credible resolution, and sound internal risk management and governance in firms. Improving banks’ risk IT infrastructure is also important for financial stability because it facilitates the provision of accurate risk information for use by bank management and by the micro- and macroprudential supervisors. We believe this Report provides useful insights and recommendations to both individual firms and supervisors as they work to improve risk IT practices in the industry. It discusses the results of the review undertaken by the SCI, with the help of McKinsey and of firms’ Risk IT/Ops practices. In particular, the Report develops an understanding of the expected impact of regulatory changes on risk IT requirements and assesses the current status of industry practices. More importantly, it provides pragmatic industry principles and recommendations that will facilitate each firm’s decisions on sound risk IT/Ops practices. The IIF is grateful for member firms’ participation in the review. We are especially appreciative of the invaluable support extended by McKinsey, both in conducting the survey and in the development of this Report. The lists of members of the IIF board of directors, the SCI, and the Risk IT Working Group are included in the Report. Josef Ackermann Rick Waugh Chairman of the IIF Board Member of the IIF Board Chairman of the Management Board President and Chief Executive Officer and the Group Executive Committee Scotiabank Deutsche Bank AG Co-chair, SCI Co-chair, SCI Klaus-Peter Müller Charles H. Dallara Member of the IIF Board Managing Director Chairman of the Supervisory Board Institute of International Finance Commerzbank AG 2 Risk IT and Operations: Strengthening capabilities Risk IT and Operations: Contents List of members of the Board of Directors 5 List of members of the Steering Committee on Implementation 7 3 List of members of the Working Groups 10 Executive summary 13 Introduction 17 Insights from the research 22 Five themes to achieve sound industry practice 36 Theme I: Data standardization and risk aggregation 38 for monitoring and reporting Theme II: Front-to-back operating model 49 Theme III: Applications, architecture, and infrastructure 60 Theme IV: Organization, governance, and security 78 Theme V: Interactions with supervisors 92 Next steps for the industry 103 Appendix 1: A Table of Principles and Recommendations 105 Appendix 2: Comparing the guidance of the SSG with this 116 Report’s Principles and Recommendations Appendix 3: A closer look at the survey’s detailed assessment grid 125 Appendix 4: A look at further findings of the survey 127 Appendix 5. Risk IT/Ops data requirements 143 4 Risk IT and Operations: Strengthening capabilities Risk IT and Operations: IIF Board of Directors Chairman 5 Josef Ackermann* Chairman of the Management Board and the Group Executive Committee Deutsche Bank AG Vice Chairman Vice Chairman Vice Chairman Roberto E. Setubal* Francisco González* Rick Waugh* President and Chief Executive Chairman and Chief President and Chief Officer,Itaú Unibanco Banco S/A Executive Officer Executive Officer and Vice Chairman of the Board BBVA Scotiabank of Itaú Unibanco Holding S/A Treasurer Marcus Wallenberg* Chairman of the Board SEB Ms. Suzan Sabanci Dincer Mr. Walter Bayly Chairman and Executive Board Member Chief Executive Officer Akbank T.A.S. Banco de Crédito del Perú (BCP) Mr. Yannis S. Costopoulos* Mr. Baudouin Prot* Chairman of the Board of Directors Chief Executive Officer Alpha Bank A.E. BNP Paribas Mr. Peter Wallison Mr. Robert P. Kelly* Senior Fellow Chairman and Chief Executive Officer Financial Policy Studies BNY Mellon American Enterprise Institute Mr. Vikram Pandit Mr. Hassan El Sayed Abdalla Chief Executive Officer Vice Chairman and Managing Director Citigroup, Inc. Arab African International Bank Mr. Martin Blessing Mr. Michael Smith Chairman of the Board of Managing Directors Chief Executive Officer Commerzbank AG Australia and New Zealand Banking Group Limited Mr. Urs Rohner Mr. Yoon-dae Euh Chairman of the Board of Directors Chairman Credit Suisse Group AG KB Financial Group Inc. Mr. Andreas Treichl Mr. Yasuhiro Sato Chairman of the Management Board and Chief President and Chief Executive Officer Executive Officer Mizuho Corporate Bank, Ltd. Erste Group Bank AG Mr. James Gorman 6 Mr. Gary D. Cohn President and Chief Executive Officer President and Chief Operating Officer Morgan Stanley Goldman, Sachs & Co. Mr. Ibrahim S. Dabdoub Mr. Douglas Flint Group Chief Executive Officer Group Chairman National Bank of Kuwait HSBC Holdings plc Mr. Frédéric Oudéa Mr. K. Vaman Kamath Chairman and Chief Executive Officer Chairman of the Board Société Générale ICICI Bank Ltd. Mr. Peter Sands Mr. Jiang Jianqing Group Chief Executive Chairman of the Board of Directors and President Standard Chartered, PLC Industrial and Commercial Bank of China Mr. Walter B. Kielholz Mr. Jan Hommen Chairman of the Board of Directors Risk IT and Operations: Strengthening capabilities Risk IT and Operations: Chairman of the Executive Board Swiss Reinsurance Company Ltd. ING Group Mr. Nobuo Kuroyanagi* Mr. Charles H. Dallara (ex officio)* Chairman Managing Director The Bank of Tokyo-Mitsubishi UFJ, Ltd. Institute of International Finance Mr. Oswald Gruebel Mr. Corrado Passera Group Chief Executive Officer Managing Director and Chief Executive Officer UBS AG Intesa Sanpaolo S.p.A. Mr. Martin Senn Mr. Jes Staley Chief Executive Officer Chief Executive Officer Zurich Financial Services Investment Bank J.P. Morgan Chase & Co. *Member of the Administrative and Nominations Committee Steering Committee on Implementation Chairmen 7 Mr. Rick Waugh Mr. Klaus-Peter Müller President and Chief Executive Officer Chairman of the Supervisory Board Scotiabank Commerzbank AG Members Mr. Kevin Garvey Mrs. Mayte Ledo Turiel Head of Group Credit Review & Reporting Chief Economist AIB Group Chief Economist for Economic, Financial Scenarios, and Regulation Mr. Edward Murray BBVA Partner Allen & Overy LLP Mr. Christian Lajoie Head of Group Prudential Affairs/Co-head Mr. Roberto Sobral Hollander of Group Director Prudential and Public Affairs Dep. Gestao de Riscos e Compliance BNP Paribas Banco Bradesco Mr. Brian Rogan Ms. Barbara Frohn Verheij Vice Chairman and Chief Risk Officer Managing Director BNY Mellon Banco Santander Mr. James Garnett Mr. Alex Wolff Head of Risk Architecture Head, Risk Strategy Citigroup, Inc. Bank of Ireland Mr. Edward Greene Mr. Robert Pitfield Partner Group Head, Chief Risk Officer Cleary Gottlieb Steen & Hamilton LLP Scotiabank Mr. Christian Wältermann Mr. Desmond McNamara Director Managing Director Capital & Analytics Group Risk Management and Market Risk Group Risk Operations Barclays PLC Commerzbank AG Mr. Andreas Blatt Mr. Adam Gilbert Head Risk IT Managing Director CRO IT Regulatory Policy Credit Suisse JPMorgan Chase Mr. Tonny Andersen Dr. Mark Lawrence Member of the Board & Head of Danske Bank DK Managing Director Danske Bank A/S Mark Lawrence Group 8 Mr. Andrew Procter Dr. Philipp Härle Global Head of Government & Regulatory Affairs Director Government & Regulatory Affairs McKinsey & Company Deutsche Bank AG Mr. Fernando Figueredo Marquez Mr. Bjørn Erik Næss Global Chief Risk Officer Group Executive Vice President Global Risk Management Group Finance and Risk Management Mercantil Servicios Financieros DnB NOR Mr. Akihiro Kitano Dr. Florian Strassberger Senior Manager General Manager Basel 2 Implementation Office Head of North America Mitsubishi UFJ Financial Group, Inc. DZ Bank Mr. Masao Hasegawa Ms. Patricia Jackson Managing Director , CRO, & CCO Partner Mitsubishi UFJ Financial Group, Inc Risk IT and Operations: Strengthening capabilities Risk IT and Operations: FS Risk Ernst & Young Mr. Hideyuki Toriumi Senior Manager Mr. JB King Basel II Implementation Office Director Mitsubishi UFJ Financial Group, Inc. Ernst & Young Mr. Tsuyoshi Monri Mr. Robin Vince President and CEO Head of Operations Mizuho Corporate Bank (USA) Goldman Sachs & Co. Mr. Naoaki Chisaka Mr. Rakesh Jha Vice President Deputy CFO Corporate Planning Division ICICI Bank Mizuho Financial Group, Inc. Mr. Alex Van der Laan Mr. Kenji Fujii Head of Credit Capitals Joint Head of Global Risk Management Group ING Group Global Risk Management Mizuho Securities Co., Ltd. Mr. Mauro Maccarinelli Head of Market Risk Management
Load more

Recommended publications
  • Frankfurt European Banking Congress Frankfurt Am Main, November 22, 2013
    Frankfurt European Banking Congress Frankfurt am Main, November 22, 2013 www. frankfurt-ebc.com Frankfurt European Banking Congress 2013 We are pleased to invite you to the 23rd Frankfurt European Banking Congress at the Alte Oper Frankfurt on Friday, November 22, 2013. This year’s topic is The Future of Europe Martin Blessing Peter Feldmann Jürgen Fitschen Commerzbank City of Frankfurt am Main Deutsche Bank The Future of Europe Friday, November 22, 2013 8.30 a.m. Registration and Coffee 9.30 a.m. Welcome Peter Feldmann Lord Mayor, City of Frankfurt am Main Opening Jürgen Fitschen Chairman of this year’s Frankfurt European Banking Congress; Co-Chief Executive Officer, Deutsche Bank, Frankfurt am Main Keynote Speech Mario Draghi President, European Central Bank, Frankfurt am Main »Eurosclerosis or Will the Eurozone Rise Like a Phoenix?« Discussion Timothy D. Adams President and Chief Executive Officer, Institute of International Finance, Washington, DC Martin Blessing Chairman of the Board of Managing Directors, Commerzbank, Frankfurt am Main André Sapir Professor of Economics, Université Libre de Bruxelles, Solvay Brussels School of Economics and Management, Brussels; Senior Fellow, Bruegel Volker Wieland IMFS Professor for Monetary Economics, Institute of Monetary and Financial Stability, Goethe University Frankfurt am Main, and Member of the German Council of Economic Experts Moderator Melinda Crane Chief Political Correspondent, Deutsche Welle TV, Berlin 11.15 a.m. Coffee Break The Future of Europe 11.45 a.m. »European Financial Market:
    [Show full text]
  • Financial Statements and Management Report  Commerzbank Aktiengesellschaft
    Financial Statements and Management Report Commerzbank Aktiengesellschaft Contents 4 Management report 4 Structure and organisation 4 Corporate responsibility 8 Remuneration report 23 Details pursuant to Art. 289 of the German Commercial Code (HGB) 31 Business and overall conditions 34 Earnings performance, assets and financial position 37 Outlook and opportunities report 43 Risk report 73 Income statement 74 Balance sheet 78 Notes 78 General information 82 Notes to the income statement 83 Notes to the balance sheet 94 Other notes 117 Responsibility statement by the Board of Managing Directors 118 Independent auditors’ report 4 Commerzbank Aktiengesellschaft Management report of Commerzbank Aktiengesellschaft Structure and organisation Corporate responsibility Commerzbank is one of Germany’s leading banks for private and cor- The global community has set itself a new framework for sustain- porate customers, and an internationally active universal bank with lo- able development: the Sustainable Development Goals, which give cations spanning more than 50 countries. It has one of the densest equal consideration to economic, social and environmental factors. branch networks of any private-sector bank in Germany. Commerz- These were agreed by the General Assembly of the United Nations bank serves a total of over 17.5 million private and small-business and apply to all countries, civil society and the private sector. customers and more than 60,000 corporate clients worldwide. Commerzbank also shares responsibility for helping to turn the As part of its new strategy, Commerzbank is focusing its busi- Sustainable Development Goals into reality. We are confident that ness activities on the two core segments “Private and Small- we can contribute to securing the future and increasing the value Business Customers” and “Corporate Clients”, offering them a of the company by gearing the Bank’s core services towards sus- comprehensive portfolio of banking and capital market services.
    [Show full text]
  • The Eurozone Profiteers / 1/ Table of Contents
    THE EUROZONE PROFITEERS / 1/ www.corpwatch.org TABLE OF CONTENTS INTRODUCTION ......................................................................................................................................................... 5 Welcome to the Casino 5 Who Owes Whom? 7 Research by Ester Arauzo Azofra, Pratap Chatterjee, GERMAN BANKING: PAROCHIAL AND OVERBANKED, OR SMALL IS BEAUTIFUL? ................................. 11 Christina Laskaridis, Puck Lo, Myriam Westdeutsche Landesbank: A Jumbo with Engines on Fire and Nowhere to Land 14 Vander Stichele, and Joris Tieleman Depfa and Hypo Real Estate: One-Eyed Man Becomes King in the Land of the Blind 16 Thanks also to Kenneth Haar, Steven Hill, Lily Smith, Commerzbank: Property Lending Can Be a Mug’s Game 19 and Martin Pigeon, who provided valuable input and support for this report. FRENCH BANKING: LESS STATE = LESS HAPPINESS ....................................................................................21 Société Générale: Arrived with a Swagger, Brought Down by a Gamble 23 Crédit Agricole: Ready to Forget Cautious Lessons About Banking 25 Edit & design: Terry J. Allen Dexia: Using Public Funds to Support a Casino 27 Cover design: Pratap Chatterjee Cover cartoon: Khalil Bendib LENDING FRENZY ..................................................................................................................................................31 Spain: An Airport Without Planes, and the Never-Ending Property Boom 33 Greece: Of Disappearing Debt and Illegal Loans 35 Cyprus 39 Ireland: From
    [Show full text]
  • Guide to the Sarbanes-Oxley Act: IT Risks and Controls (Second Edition)
    1. FPO Guide to the Sarbanes-Oxley Act: IT Risks and Controls Second Edition Table of Contents Introduction .............................................................................................................................. 1 Overall IT Risk and Control Approach and Considerations When Complying with Sarbanes-Oxley .... 2 1. Is there an overall approach to IT risk and control consideration that should be followed? .......................... 2 2. Why is it so important to consider IT when evaluating internal control over financial reporting? ............... 4 3. How should Section 404 compliance teams define “IT risks and controls”? .................................................. 5 4. How does management identify and prioritize IT risks? ................................................................................. 5 5. What guidance does COSO provide with respect to IT controls? .................................................................. 6 6. What guidance is provided by the Information Systems Audit and Control Association’s (ISACA) Control Objectives for Information and Related Technologies (COBIT) framework with respect to IT controls? ........................................................................................................... 6 7. How do COSO and COBIT facilitate a Section 404 compliance effort? ........................................................ 6 8. If a Section 404 project strictly and only follows COBIT, will the project be compliant with the Section 404 compliance efforts? .......................................................................................................................
    [Show full text]
  • GTAG 1: Information Technology Controls
    Information Technology ControlsA uditing Application Controls Authors David A. Richards, CIA, President, The IIA Alan S. Oliphant, MIIA, QiCA, MAIR InternationalChristine Bellino, Jefferson Wells Charles H. Le Grand, CIA, CHL GlobalSteve Hunt, Enterprise Controls Consulting LP July 200March 20057 Copyright © 20057 by The Institute of Internal Auditors (IIA), 247 Maitland Ave., Altamonte Springs, FL 32701-4201 USA. All rights reserved. Printed in the United States of America. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form by any means — electronic, mechanical, photocopying, recording, or otherwise — without prior written permission from the publisher. The IIA publishes this document for informational and educational purposes. This document is intended to provide information, but is not a substitute for legal or accounting advice. The IIA does not provide such advice and makes no warranty as to any legal or accounting results through its publication of this document. When legal or accounting issues arise, professional assistance should be sought and retained. GTAG — Table of Contents: Section 1 Section 19 Letter from the President..........................................ii Appendix H – CAE Checklist ................................423 Section 2 Section 20 IT Controls – Executive Summary ............................iii Appendix I – References ........................................445 Section 3 Section 21 Introduction ..........................................................1 Appendix
    [Show full text]
  • The Optimal Risk Management Framework Identifying the Requirements and Selecting the Framework
    100635 Journal vol 1 2019_Layout 1 12/12/18 12:52 PM Page 40 FEATURE The Optimal Risk Management Framework Identifying the Requirements and Selecting the Framework The tremendous rise of cybersecurity attacks, have their own proprietary frameworks or use a coupled with organizations’ exploration of new hybrid of frameworks. Do you have something technologies such as artificial intelligence (AI) and to say about this blockchain to expand their business or better Selecting a Risk Management Method or article? secure their controls, gives cause to review the Framework foundational framework that is being used to Visit the Journal pages identify, assess and action IT risk impacting What criteria are firms using to select the frameworks of the ISACA® website business objectives. This is a perpetual struggle: they use? How often are these frameworks and their (www.isaca.org/journal), reviewing the use of new technologies and their basic tenets reviewed? Is the selected framework find the article and click communicated to the employees of the firm? Is the on the Comments link to impact to the organization’s objectives, profit framework or methodology selected by the firm share your thoughts. mentality and revenue streams. With Apple and Goldman reviewing the feasibility of issuing a new understood by all? Do these frameworks use https://bit.ly/2RCieXY credit card or the old news of Internet of Things quantitative factors or qualitative factors to evaluate (IoT) or driverless cars, enterprise risk and cyberrisk risk? Short of performing a scientific survey of departments or groups must be working overtime organizations to inventory and evaluate the to evaluate and drive the analysis of risk.
    [Show full text]
  • Frankfurt European Banking Congress Frankfurt Am Main, November 23, 2012
    Frankfurt European Banking Congress Frankfurt am Main, November 23, 2012 www. frankfurt-ebc.com Rethinking Finance Friday, November 23, 2012 9.00 a.m. Registration and Coffee 10.00 a.m. Welcome Peter Feldmann Lord Mayor, City of Frankfurt am Main Opening Martin Blessing Chairman of this year’s Frankfurt European Banking Congress; Chairman of the Board of Managing Directors, Commerzbank, Frankfurt am Main Keynote Speech Mario Draghi President, European Central Bank, Frankfurt am Main I. Rethinking Banking and Investment Discussion Martin Blessing Chairman of the Congress; Chairman of the Board of Managing Directors, Commerzbank, Frankfurt am Main Sharon Bowles Chair of the European Parliament's Economic and Monetary Affairs Committee, Brussels Stefan Ingves Chairman of the Executive Board and Governor, Sveriges Riksbank, Stockholm; Chairman of the Basel Committee on Banking Supervision Herbert Stepic Chief Executive Officer, Raiffeisen Bank International, Vienna Charles Wyplosz Professor of International Economics, The Graduate Institute of International and Development Studies, Geneva Moderator Todd Benjamin Todd Benjamin International, London Rethinking Finance 11.45 a.m. Coffee Break 12.30 p.m. II. Rethinking Money Introductory Statement Jens Weidmann President, Deutsche Bundesbank; Member of the Governing Council of the ECB, Frankfurt am Main Discussion Julian Nida-Rümelin Former Minister of State; Chair of Philosophy and Political Theory, Ludwig-Maximilians-University, Munich Tomáš Sedláček Member of the National Economic Council; Chief Macro-Economist, Československá obchodní banka, Prague Guido Tabellini Professor of Economics, Bocconi University, Milan Jens Weidmann President, Deutsche Bundesbank; Member of the Governing Council of the ECB, Frankfurt am Main Moderator Todd Benjamin Todd Benjamin International, London 1.45 p.m.
    [Show full text]
  • Commerzbank Schürt Diewut
    28 DAX-KONZERNE UNGESCHMINKT WOCHENENDE, 19./20./21. APRIL 2013, NR. 76 2 HÖCHSTKURS 9.5.2007 30,02 € 25 Klaus-Peter Müller 20 Aktienkurs Vorstandschef seit Mai 2000 Monatswerte in Euro 15 -2320 Netto- Aus- 01393150 16513284597193 917 6 ergebnis* schüttung in Mio. Euro in Mio. Euro 10 5 *das auf die Commerzbank- Aktionäre entfällt Handelsblatt | Quellen: Bloomberg, Thomson Reuters, Unternehmen, HRI, Fotos: PR, A. Domanski/reuters 0 20032004 2005 2006 2007 Operatives Ergeb. in Mio. € 5591043171726282513 Commerzbank schürt die Wut Von einer Dividende ist keine Rede mehr.Vielmehr wirbt Chef Blessing auf der Hauptversammlung erneut für eine Kapitalerhöhung. Die Führungsmannschaft des Instituts verliert an Glaubwürdigkeit. Yasmin Osman gibt es gar keine offizielle Prognose re selbst für Commerzbank-Verhält- will. Bislang waren dieVersuche im- Auch für die meisten anderen Ak- Frankfurt darüber, wann die Bank ihre Aktio- nisse sind, zeigt schon die Flut an mer vergeblich. tionäre dürfte das Dividenden-Ar- näre wieder mit einer Dividende Gegenanträgen. Etwa 20 Aktionäre Doch das macht die Sache nach gument wie Hohn klingen. Nicht enn Aktionäre von trösten will. Stattdessen wird der haben sich gemeldet. Viele wollen Auffassung der Aktionärin Veritas nur, weil die durch die Rückzahlung normalen Unter- Bankchef heute in den Frankfurter dem Vorstand und dem Aufsichts- GmbH nicht unbedingt besser. „Es der Einlagen eingesparten Zinszah- nehmen zur Messehallen für eine erneute Kapi- rat das Vertrauen entziehen. Der ist beschämend, dass es überhaupt lungen von 214 Millionen Euro pro W Hauptversamm- talerhöhung werben, mit der er die klagefreudige Investor Karl Freitag so häufig zu solchen Misstrauensan- Aktie etwa 3,6 Cent ausmachen.
    [Show full text]
  • Frankfurt European Banking Congress 2008 Frankfurt Am Main, November 21, 2008
    Frankfurt European Banking Congress 2008 Frankfurt am Main, November 21, 2008 www. frankfurt-ebc.com World Currency Regime – to Float or not to Float Friday, November 21, 2008 7.45 a.m. Registration and Coffee 9.00 a.m. Welcome Petra Roth Mayor, City of Frankfurt am Main Keynote Speech Horst Köhler President of the Federal Republic of Germany, Berlin Opening Remarks Martin Blessing Chairman of this year’s Frankfurt European Banking Congress; Chairman, Commerzbank, Frankfurt am Main I. Politics of the World Monetary Order Jong-Wha Lee Head of the Office of Regional Economic Integration, Asian Development Bank, Manila Thomas Mirow President, European Bank for Reconstruction and Development, London Beatrice Chair of International Weder di Mauro Macroeconomics, Johannes- Gutenberg-University of Mainz, Mainz; Member of the German Council of Economic Experts, Wiesbaden Panel Chairman Martin Blessing Chairman of the Congress; Chairman, Commerzbank, Frankfurt am Main 11.00 a.m. Coffee Break World Currency Regime – to Float or not to Float 11.30 a.m. II. Finance after the Turmoil: Shape of Markets and Regulation Cees Maas Senior Advisor, Cerberus Global Investment Advisors, Baarn; Honorary Vice Chairman and Former CFO, ING Group, Amsterdam Lars H. Thunell Executive Vice President and Chief Executive Officer, International Finance Corporation, Washington, D.C. Axel A. Weber President, Deutsche Bundesbank, Frankfurt am Main Panel Chairman Josef Ackermann Chairman of the Management Board and the Group Executive Committee, Deutsche Bank, Frankfurt am Main 1.00 p.m. Buffet Lunch 2.00 p.m. III. Bretton Woods II – on its Way out? Sultan Bin Nasser Governor, Central Bank of the United Al Suwaidi Arab Emirates, Abu Dhabi Henrique Governor, Banco Central do Brasil, de Campos Meirelles Brasilia Jean-Claude Trichet President, European Central Bank, Frankfurt am Main Panel Chairman Herbert Walter Chairman, Dresdner Bank, Frankfurt am Main 3.30 p.m.
    [Show full text]
  • Management for Professionals More Information About This Series at Christoph Franz • Thomas Bieger • Andreas Herrmann Editors
    Management for Professionals More information about this series at http://www.springer.com/series/10101 Christoph Franz • Thomas Bieger • Andreas Herrmann Editors Evolving Business Models How CEOs Transform Traditional Companies Editors Christoph Franz Thomas Bieger Roche Holding Ltd University of St.Gallen Basel, Switzerland St.Gallen, Switzerland Andreas Herrmann Institute of Customer Insight University of St.Gallen St.Gallen, Switzerland ISSN 2192-8096 ISSN 2192-810X (electronic) Management for Professionals ISBN 978-3-319-48937-7 ISBN 978-3-319-48938-4 (eBook) DOI 10.1007/978-3-319-48938-4 Library of Congress Control Number: 2017937747 # Springer International Publishing AG 2017 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made.
    [Show full text]
  • A Risk Management Framework for IT Systems Which Adopt Cloud Computing
    future internet Article ERMOCTAVE: A Risk Management Framework for IT Systems Which Adopt Cloud Computing Masky Mackita 1, Soo-Young Shin 2 and Tae-Young Choe 3,* 1 ING Bank, B-1040 Brussels, Belgium; [email protected] 2 Department of IT Convergence Engineering, Kumoh National Institute of Technology, Gumi 39177, Korea; [email protected] 3 Department of Computer Engineering, Kumoh National Institute of Technology, Gumi 39177, Korea * Correspondence: [email protected]; Tel.: +82-54-478-7526 Received: 22 June 2019; Accepted: 3 September 2019; Published: 10 September 2019 Abstract: Many companies are adapting cloud computing technology because moving to the cloud has an array of benefits. During decision-making, having processed for adopting cloud computing, the importance of risk management is progressively recognized. However, traditional risk management methods cannot be applied directly to cloud computing when data are transmitted and processed by external providers. When they are directly applied, risk management processes can fail by ignoring the distributed nature of cloud computing and leaving numerous risks unidentified. In order to fix this backdrop, this paper introduces a new risk management method, Enterprise Risk Management for Operationally Critical Threat, Asset, and Vulnerability Evaluation (ERMOCTAVE), which combines Enterprise Risk Management and Operationally Critical Threat, Asset, and Vulnerability Evaluation for mitigating risks that can arise with cloud computing. ERMOCTAVE is composed of two risk management methods by combining each component with another processes for comprehensive perception of risks. In order to explain ERMOCTAVE in detail, a case study scenario is presented where an Internet seller migrates some modules to Microsoft Azure cloud.
    [Show full text]
  • ISACA's Risk IT in a Cloud-Based Environment
    ISACA’s Risk IT in a Cloud-based environment Kamal Khan, CISA, CISSP, MBCS, CITP Director, ISACA London Chapter March 2020 Confidential. For internal use only. Agenda • Introduction • Risk IT • Using Risk IT in a Cloud Environment • Conclusion Introduction • Kamal Khan, Director of ISACA London Chapter • Over 30 years experience in Information Systems Audit and Control • Worked in Banking, Utilities, Oil and Gas industries • Worked on initial version of Risk IT and current one which is being revised as Subject Matter Expert • ISACA London Chapter: • ISACA® is the voice of the information systems audit, IT governance, risk management and cybersecurity professions. • The ISACA London Chapter • First in the UK • Established in 1981 • Over 4,200 members, largest in the world Risk IT Confidential. For internal use only. Who uses a formal risk management process for their Cloud environment? Who has heard of ISACA Risk IT? What is Risk IT • An ISACA publication. • An end-to-end, comprehensive view of all risks related to the use of IT • Consists of two documents • The Risk IT Framework • The Risk IT Practiotoner Guide Risk IT Principles Confidential. For internal use only. Can we treat Risks in IT separately Enterprise Risk? Risk Universe • IT Risk is a component of the overall risk universe • Also a component of Strategic Risk, Environmental risk etc Enterprise Risk Strategic Environmental Market Operational Credit Compliance Risk Risk Risk Risk Risk Risk IT-related Risk IT Programme and Project IT Operations and IT Benefit / Value Risk Delivery
    [Show full text]