General discussion

Locked

Should banks focus on risk management?

By debate ·
Do you agree that companies should focus their IT spending on risk management? How does your organization focus its IT spending? Tell us what you think about focusing IT spending on risk management, as featured in this week's IT Financial Services e-newsletter.

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Risk management spending

by ltolevaz In reply to Should banks focus on ris ...

Risk management spending on times of turbulence is a must;it should be done to obtain critical information on the economics of markets trends of each sector where the banks have or plan to loan money, this on top of client knowledge and its managerial capabilities. However, all these risk management activities need to be grounded on a sound IT infrastructure.

Collapse -

Risk management spending

by ltolevaz In reply to Should banks focus on ris ...

Risk management spending on times of turbulence is a must;it should be done to obtain critical information on the economics of markets trends of each sector where the banks have or plan to loan money, this on top of client knowledge and its managerial capabilities. However, all these risk management activities need to be grounded on a sound IT infrastructure.

Collapse -

Say what?

by c.barnhorst In reply to Risk management spending

Can you say this at a lower reading level?

Collapse -

I am the NetAdmin for a Bank

by radiic In reply to Should banks focus on ris ...

With the new Graham/Bliley Act, it seems that the occ is focusing on all types of Risk Management, and forcing banks to do it anyways. We even have to have a vendor Management policy and procedure in place. We have so many policies for assesing risks that I am Policied out. Why cant i just work on my firewall or my router and have some fun>?

Rad

Collapse -

Regulations

by pjohnson In reply to I am the NetAdmin for a B ...

As we have seen, banks, credit card companies, online vendors, etc. are having a terrible time maintaing effective security controls over the "non-public sensitive information" provided by customers. An informational security program incorporates Risk Management, Disaster Recovery Plans, Business Continuity plans, Policies and Procedures (IT), Penetration testing, Internal Vulnerability analysis, Vendor due diligence, etc. This is an ongoing effort to secure customer data from hackers and malicious intent.
Personally, the regulators are as frustrated about it as you. Most Don't know what an effective security program contains, much less how to analyze one for effectiveness. Therefor, naturally youd be frustrated putting all kinds ofwork into something that the auditors have limited skills in comprehending. My heart goes out to you, but these are necessary growing pains.

Collapse -

I agree with you, I was just venting

by radiic In reply to Regulations

I know people are really worried about Identiy theft and things of that nature. We are in the process of making sure all our policies and practices comply and surpass in all the areas you mentioned. But just remember all those polices in place. They are only worth the paper they are written on if the staff follows them.

Collapse -

Enforcement

by pjohnson In reply to I agree with you, I was j ...

That's why there must be a security/compliance officer ready to jump in and dole out lashings to those that do not see themselves and thei actions as vital in the realm of total security. Regular training and retraining, testing (social engineering, etc.) can help with this. Also, a monthly public execution or beating should keep their minds on it ;).

Collapse -

It's all about the money.

by c.barnhorst In reply to Should banks focus on ris ...

The Bank cannot make money if it gets bad press from some hacker break in and the theft of, say, 20,000 credit card files. It doesn't matter what really happened if that is how the press reports it. People put money in a bank to feel secure first and perhaps make a little interest second. Of course a bank should focus on risk management. People actually brag on how securely placed their money is.

Back to Desktop Forum
8 total posts (Page 1 of 1)  

Related Discussions

Hardware Forums