Abstract: In financial services organizations, the degree of automation is usually high, while human intervention is low. Banks depend on information technology and information management and on complex infrastructure and applications, so controls are required to support the business processes. Furthermore, the information used by financial institutions is often entirely IT generated, managed and controlled; therefore the confidentiality, availability and reliability of financial information are crucial. As such, the risks introduced by the use of information systems play a significant role in operational risk. The goal of the Basel Committee regulations was to improve risk management practice, introduce supervisory review of banks’ internal capital assessment process and enhance the level of transparency in public reporting. The Basel II Accord introduced a new approach to risk within the banking industry, as operational risk was included for the first time. A new framework, Basel III, was issued in December 2010; it strengthens the regulation, supervision and risk management of the banking sector. The Basel Accord recommends advanced methods for calculating risk ratings that move towards higher complexity and increased risk sensitivity, so IT re-engineering is necessary in order to better manage data and to constantly capture and calculate the different types of risk. This article presents the risks within the banking sector as described by the Basel Committee on Banking Supervision and tries to capture the relevance and implications of the recommended practices for the management and supervision of operational risk for the information systems area.
Keywords: Basel Accord; Risk management; Operational risk; IT risk; COBIT