1 / 29

IT MANAGEMENT IN BANKS, RISK MANAGEMENT OF „IT”

IT MANAGEMENT IN BANKS, RISK MANAGEMENT OF „IT”. Ferenc Olti Inter Európa Bank 3736470, oltif@ieb.hu. Business strategy. We can’t talk about any successful business activity without business strategy. Need to answer at least the following questions:

jed
Download Presentation

IT MANAGEMENT IN BANKS, RISK MANAGEMENT OF „IT”

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. IT MANAGEMENT IN BANKS, RISK MANAGEMENT OF „IT” Ferenc Olti Inter Európa Bank 3736470, oltif@ieb.hu

  2. Business strategy • We can’t talk about any successful business activity without business strategy. Need to answer at least the following questions: • How much money do we want to earn and what period? • What we want to do with the profit? • To reach our target, what do we want to sell and to whom? • How do we want to sell it? • We can’t talk about any successful business strategy without IT strategy!

  3. The business and IT strategy relationship • The IT strategy is part of the business strategy • The IT has an important role in the realisation, creation, but IT isn’t the”owner” • Nothing works without commitment of the management

  4. IT roles • Initiate ??? • Co-operate • planning • make • to follow up

  5. The leading role of the IT and it’s responsibility • Knowing the business • to be a partner • be part in the creation of the company culture • to create a team

  6. The place of the IT in the organisation chart IT must be on the same level as business departments and not subordinated to them!

  7. The relationship of IT and business • Internal relationship and their problems • Who should initiate ? • Who should keep eye the external world ? • Who manage the budget ? • External relationships • IT realisation and contract details

  8. How should IT be motivated? • IT also have to be sales-oriented • Development and operation have to be strictly separated (conservative – creative) • Permanent dealing with the security questions

  9. SECURITY • The bank security was always an important question, stable disciplines, but there are new challenges • Physical security is important and visible but the real risk is in IT • The new challenges basically IT type • Information has never seemed to be so centralised • new products depending on IT • necessity of prompt decision • fraud monitoring • scoring

  10. Security challenges caused by the centralisation of information • Planning of business continuity (BCP) • save and reload strategy and practice • duplication, same or diverse place • hardware • disks, servers • files • organisation of business process for crises • people availability

  11. A Security challenges caused by the centralisation of information • Human recourses, is the biggest challenge • system administrators reliability • financial security • stable family background • mental and bodily health • authority handling • new employee authentication • leavers • training

  12. Security challenges caused by the centralisation of information • Reduce possibility of collusion • to deal strictly with double checking • cashier safety • the best bank security expert is the good accountant • to see, not only to watch

  13. New products depending on IT • Active electronic distribution channels • protection against penetration • continuously penetration test • virus protection • client identification, legal questions • password, digital signature, etc. • real-time operation risks

  14. New products depending on IT • E-commerce • B2C card-acquire risk

  15. Example: card business

  16. Types of fraud • Cardholder fraud • card cloning • high risks • stolen card number • e-purchase • risk can be reduced • Card not present

  17. Types of fraud (2) • Merchant fraud • collusion • creative fraud

  18. Issuer’s risks • Complete responsibility after forbidding, from 1/12/02 limited before • Client unsatisfactory, also if he isn’t right • EU regulation

  19. Cardholder’s risks • Complete risk take-over until forbidding, but change after 01/12/02 • unknowing the contract • unknowing rules

  20. Merchant risks • Unlimited on internet • risk of being on black list • inconvenience of authorisation request

  21. CARDGUARD • Active limit management • 0 limit • Normal limit • No limit • technical realisation • disposable card number

  22. Fraud monitoring • Real-time fraud monitoring • expensive • it could cause inconvenience to the client • secure • post monitoring • together with a good limit managing is sufficient

  23. FRAUD MONITORING • Follow up in general • manual • expert • Programmed • internal development • ready made packages • role of the card companies

  24. THANK YOU

  25. The e-business like the football, everybody talks about it, either they are interested in it or they have to or it’s fashion.We are using clichés day by day, but no really think about it’s true or not.

  26. Necessity to set up clear targets • Give information or do active business? • Give information • internal information • external information • advertisement • active business • B2B, B2C ? • Alone or with somebody? • Trust chain • How shall we react on the pressures? • Are we small or big ? What do we think about it ?

  27. E- business risks • Almighty role is overestimated • Possibilities are underestimated • Disharmony of the offer and the shipping facilities • unsolved logistic problems • Possibility to loss prestige

More Related