Chapter 25
The Role of the IT Department in Daily Operations
25.1 INTRODUCTION
The information technology department of an investment firm has two primary responsibilities:
- Managing “business as usual” activities: These activities include:
– Ensuring that applications are stable
– Ensuring that applications can cope with normal business volumes
– Documenting deficiencies, fixing them and devising and documenting workrounds
– Ensuring appropriate data security
– Ensuring that system development keeps pace with user requirements
– Ensuring that systems integrate effectively
– Minimising manual intervention
– Dealing with data integrity issues appropriately
- Managing business change: These activities include:
– Aligning the IT strategy with business strategy
– Aligning delivered solutions with strategic business drivers
– Managing and monitoring the risks of introducing change
– Providing visibility of risk to stakeholders.
The department needs to manage these activities in such a way that it minimises operational risk. In Chapter 8 we saw the seven operational risk events that had been defined by Basel II:
- Internal fraud: Misappropriation of assets, tax evasion, intentional mismarking of positions, bribery
- External fraud: Theft of information, hacking damage, third-party theft and forgery
- Employment practices and workplace safety: Discrimination, workers’ compensation, employee health and safety
- Clients, products and business practice: Market manipulation, antitrust, improper ...
