Вы находитесь на странице: 1из 4

IBM SALES AND DISTRIBUTION Assess, monitor and control exposure to risks.

Solution Brief Enable better IT governance and resilience.

Operational & IT Risk

solutions for financial
Over the past decade, changes caused by globalization, increases in
operational speed, regulatory requirements, and financial instrument
Highlights complexity have created a challenging environment for financial insti-
● Assess your over all risk readiness
tutions. Ultimately, managing risk and return becomes an efficiency
posture for business process and IT management task. Operational risk is a new frontier compared to
infrastructure vulnerabilities credit, market and IT risk. Information Technology support of busi-
● Design effective Information security ness process and operations must provide a reliable, secure and well
and service management processes controlled environment for businesses to grow and compete. IT sys-
and procedures tems, for example, should ensure that confidential corporate and per-
● Implement a resilient business and IT sonal data is protected from internal and external threats; the business
architecture for consistent availability is protected from cyber crime and fraud, changes or updates to the
and recoverability
systems are well managed and approved before deployment; access
● Facilitate effective enterprise-wide IT rights are monitored and approved; all of this is should be done follow-
governance controls, with role-based ing regulatory and IT governance best practices to meet ever-evolving
system access
regulatory obligations.
● Apply active operation risk correlation
and policy-based rules, engines and
performance analytics The results? An industry increasingly dependent on IT for risk man-
agement, business performance and the ability to provide differentia-
tion that grows its bottom-line profits.

The capacity to detect and to monitor operational and IT risks—and

to deal with impacts on operational stability, availability, accessibility,
and recoverability—is an important differentiator. A financial institu-
tion must have a holistic management approach to rapidly respond to
business and operational risks, a constantly updated appreciation of the
evolving range of threats to business operations and IT infrastructure
assets is critical.
IBM SALES AND DISTRIBUTION Assess, monitor and control exposure to risks.
Solution Brief Enable better IT governance and resilience.

Todays business and IT managers understand the potential risk Example operational risk offerings include:
resulting from failure in their internal processes, individuals, or
IT systems. From early warning financial impact analysis for ● A broad set of intellectual capital, including risk and
pandemics, IT and crises management, service management and
control self-assessment (RCSA) templates and opera-
continuity, availability and recovery services, IBM offers a com-
tional risk requirements, process maps, control
plete life cycle of services to improve IT governance and opera-
libraries, test libraries, governance models, roles and
tional stability. Our Operational & IT risk solutions can
responsibilities, future state roadmaps and more to
accelerate project delivery.
● A broad understanding of financial regulations and
● Operational risk monitoring and control to quantify market drivers developed through years of engage-
operational risks from the bottom up, improve under- ments with financial services customers.
standing through causal analysis, and best manage ● IBM Research assets deployed in banking and finan-
through effective key risk indicators. cial markets organizations that focus on advanced sta-
● Integrated information security risk monitoring to maxi- tistical and modeling capabilities including:
mize information availability and integrity, while helping
– Cyber-intelligence as a forward indicator of risk
to ensure its privacy and proper use.
sentiments in support of corporate brand and repu-
● Enterprise Information Security detection, prevention
tation analysis (CORBA).
monitoring, vulnerability management and intrusion
– Pandemic Impact Business Modeling (PBIM), an
intelligent model that integrates company financials
● Identity access management solutions to provide infor-
and helps prioritize risk events, defining appropri-
mation on who has access to what.
ate risk mitigation strategies specific to pandemic
● Complete service management offerings to monitor sys-
tems performance and resources capacity at all times.
– The Operational Risk Quantification (ORQ) ana-
● Business resilience management to maximize continuity,
lytical tool to quantify and mitigate operational risk
stability and recoverability of operations.
by addressing key challenges driven by regulations
● Managed service offerings that use cloud computing to
such as Basel-II.
further mitigate risks and improve responsiveness.
– IBM Risk Center of Excellence and Global
Delivery Center offers capabilities to assess IT risk
With more than 40 years of experience in the financial services
management leveraging the COSO/COBiT
industry, IBM can deliver large-scale global projects that are
Framework, analyze IT regulatory impacts, model
sensitive in nature and function across multiple organizations.
IT risk, and perform risk training, IT deployment
Our Operational &IT risk solutions include a range of capabili-
support, as well as third party assessments.
ties throughout the business risk management cycle, including
assessment and planning, design, implementation, business con-
tinuity and disaster recovery, and ongoing management and
IBM SALES AND DISTRIBUTION Assess, monitor and control exposure to risks.
Solution Brief Enable better IT governance and resilience.

By combining market-leading technology and a comprehensive As your business and IT operations execute, they can rely
services portfolio, IBM enables IT risk solutions that are on a number of IBM offerings and capabilities which
customized to your risk tolerance while meeting regulatory operate in the background. These include:
requirements. These include:
● Operational Risk Reporting Information Foundation –
● People and identity management—lower costs and miti- which provides information for regulatory compliance
gate the risks associated with managing user access to and IT audits based on five critical operational areas:
corporate resources. Our managed identity capabilities access, segregation of duty, change management, IT
provide a secure identity management solution, through operations and application development
either a hosted or client premise model, that supports ● Enterprise Security Risk Monitoring – which can ana-
compliance while enabling collaboration across a diverse lyze and correlate event information from multiple data
user base. sources and applications while monitoring transactions,
● Data and information protection—understand, deploy events and information that flow through a targeted
and properly test controls around access to and usage of business process all the while looking for occurrences of
sensitive financial business data. Our data encryption and unexpected results and continuously updating an auto-
leakage protection capabilities help you define, manage mated virtual auditor
and enforce end-to-end data protection polices and pro- ● IT and infrastructure risk and resilience capabilities –
cedures for structured and unstructured data. IBM can which systematically diagnoses root causes of IT and
help you automate the prevention and discovery of data infrastructure risks such as availability, recovery, security,
leakage events and help you protect existing (email and service and change management and then prescribes
laptop) and emerging (removable storage, smart phone) actions to reduce risk and improve operations
and as-yet unidentified threats. ● IT security infrastructure capabilities – which deal with
● Web application and process management—proactively IT risk across your extended enterprise, protects infor-
identify application vulnerabilities, assess compliance mation assets and prevents problems before they occur,
requirements and improve the accuracy and reliability of enabling you to pursue new business initiatives securely
online systems. while ensuring you have the processes and technologies
● Network, server and endpoint security—optimize busi- in place to safeguard your systems, applications and
ness service availability by mitigating risks while opti- information
mizing security expertise, technology and process. ● Business continuity infrastructure capabilities – which
help minimize downtime and streamline recovery
processes with proven strategies for business continuity
and plans for high availability and recovery
IBM SALES AND DISTRIBUTION Assess, monitor and control exposure to risks.
Solution Brief Enable better IT governance and resilience.

IBM is here to help you enable projects to deal with various types of opera-
tional and IT risk, as well as other approaches to integrating risk management
across the enterprise. The IBM Banking Industry Framework has been estab-
© Copyright IBM Corporation 2009
lished to combine the power of IBM software with banking-specific software
extensions, solution accelerators and best practices, to help you deploy a variety IBM Corporation
Route 100
of solutions. Specifically, the framework can help you deploy operational & IT Somers, NY 10589
risk solutions faster and at lower cost with less risk. The IBM framework can
Produced in the United States of
help you migrate to a more strategic and flexible technology architecture that is
aligned with the needs of your business, one project at a time. Take advantage October 2009
of a structured approach that combines best-in-class industry assets, repeatable All Rights Reserved
software patterns and IBM Business Partner offerings to take a holistic IBM, the IBM logo and ibm.com are
approach to monitoring and managing financial risk, financial crimes detection trademarks or registered trademarks of
and prevention, operational and IT risk, and governance and compliance. International Business Machines
Corporation in the United States, other
countries, or both. If these and other
For more information IBM trademarked terms are marked on
their first occurrence in this information
To learn more about Operational & IT risk solutions for financial services, with a trademark symbol (® or ™), these
please contact your IBM representative or IBM Business Partner, or visit: symbols indicate U.S. registered or
ibm.com/banking or ibm.com/financialmarkets common law trademarks owned by
IBM at the time this information was
published. Such trademarks may also be
registered or common law trademarks in
other countries. A current list of
IBM trademarks is available on the
Web at “Copyright and trademark
information” at ibm.com/legal/
Other product, company or service
names may be trademarks or service
marks of others.

Please Recycle