tailieunhanh - Risk and Controls Management

In a 2004 survey of 200 IT professionals from 14 countries in the Americas, Asia/Pacific and Europe, the IT Governance Institute (ITGI) found that in 80% of organizations, IT management is solely responsible for defining and addressing IT risk impact. This widespread lack of involvement by business unit managers demonstrates a consistent—and alarming—gap in mapping technology risk to the business. Additionally, this gap also shows that most organizations have inadequate IT risk assessment processes across their enterprises. After all, the consumers themselves—those people that require and use technology services—must share ownership of business-related IT risks with IT management and executive management.

Written and provided by Global Knowledge. Expert Reference Series of White Papers. Controlling the Beast: Risk and Controls Management in Financial Services. Margaret Brooks, VP Strategic Solutions. October 2006.

Executive Summary

With regulatory responsibility falling on executives throughout the value chain, and the danger of stringent and varied sanctions, enterprise risk management continues to grow in importance within the financial industry. Accordingly, controls for mitigation of regulatory, operational and reputational risks are now garnering the same kind of attention and resources as an organization's more traditional market, liquidity and credit risk management efforts.

Why the new found emphasis on enterprise risk management? Internal controls, which are essential to good risk management, now have a direct impact on the solvency and longevity of financial enterprises due to increased public scrutiny. Further, the requirements for strong internal controls are unprecedented in their level of senior management awareness and accountability, which include personal fines and even imprisonment.
Thus, we are in a new era of risk management, one where controls are the remedy for risk, and the term is applied to any and all of a company's risk mitigation processes, procedures, applications and data. Thus, John Flaherty, a former Committee of Sponsoring Organizations (COSO) Chairman (whose framework was recognized by the SEC as the official one for establishing internal controls over financial reporting in a June 2003 announcement) and former Vice President and General Auditor for PepsiCo, says every division in a company needs to have a documented set of internal rules that control how data is generated, manipulated, recorded and reported. For financial institutions and their partners, that's both a good rule of thumb and a very tall order. However executives are now on .
