1 / 36

The New BC Professional (Operational Risk Management & IT Infrastructure)

The New BC Professional (Operational Risk Management & IT Infrastructure) Hero to Cabana Boy June 7, 2016 ACP Dallas Texas By Michael Carter. Agenda. Setting the Stage -Getting to know your audience -The Changing Environment of BC Top 10 Risk in 2016 from CEOs

inara
Download Presentation

The New BC Professional (Operational Risk Management & IT Infrastructure)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The New BC Professional (Operational Risk Management & IT Infrastructure) Hero to Cabana Boy June 7, 2016 ACP Dallas Texas By Michael Carter

  2. Agenda Setting the Stage -Getting to know your audience -The Changing Environment of BC Top 10 Risk in 2016 from CEOs -Regulatory, Cyber threats, New Tech, Economic Conditions, -Attract and remain talent, privacy and ID protection Three to Four Stories (to ensure success) -What all mothers teach their kids -Coming along Side One another -Adapt quickly -Thankful Heart Many Opportunities -Risk Management -IT Infrastructure

  3. Know your Audience • Business Continuity? • Disaster Recovery? • Crisis Management? • Employee Preparedness? • Emergency Response? • Risk Management? • Vendor Management? • Cyber Security? • Compliance? • Audit? • Sales? • Other? • New? Up to 1 year • Med? 1-5 • Seasoned? 5 to 10 • Very Seasoned ? 10 Greater

  4. Changing Environment for BC Professionals On Going Changes • Management Support • Financial Budget • Focus • Risk (Cyber Security) Financial Pressures • Cut Training • Cheaper Resources • Less Funding • Outsourcing • Profit Driven Doing More with Less • Lack of Management Understanding • Adding more value Proactive not reactive • Re-inventing yourself • Look for Opportunities

  5. 2016 Executive Perspective on Top Risks (Protiviti) Top 10 Risk Overall (Help Solve the Risks) • Regulatory Change and heighten regulatory scrutiny • Economic Conditions may restrict growth opportunities • Concerns about cyber threats disrupting core operations • Succession challenges and the ability to attract and retain talent • Privacy and Identify Protection • New technology within the industry outpace company ability to compete or manage risk appropriately • Resistance to change may restrict originations from making necessary • Anticipate volatility in global financial markets and currencies • Org culture may not sufficiently encourage the timely id and escalation of risk issues • Hard to sustain customer loyalty with evolving and Customer preference and demographic shifts

  6. 2016 Executive Perspective on Top Risks (Protiviti) Top 10 Risk Overall (Help Solve the Risks) • Regulatory Change and heighten regulatory scrutiny • Economic Conditions may restrict growth opportunities • Concerns about cyber threats disrupting core operations • Succession challenges and the ability to attract and retain talent • Privacy and Identify Protection • New technology within the industry outpace company ability to compete or manage risk appropriately • Resistance to change may restrict originations from making necessary • Anticipate volatility in global financial markets and currencies • Org culture may not sufficiently encourage the timely id and escalation of risk issues • Hard to sustain customer loyalty with evolving and Customer preference and demographic shifts

  7. 2016 Executive Perspective on Top Risks (Protiviti) Top 10 Risk Overall (Help Solve the Risks) • Regulatory Change and heighten regulatory scrutiny • Economic Conditions may restrict growth opportunities • Concerns about cyber threats disrupting core operations • Succession challenges and the ability to attract and retain talent • Privacy and Identify Protection • New technology within the industry outpace company ability to compete or manage risk appropriately • Resistance to change may restrict originations from making necessary • Anticipate volatility in global financial markets and currencies • Org culture may not sufficiently encourage the timely id and escalation of risk issues • Hard to sustain customer loyalty with evolving and Customer preference and demographic shifts • BC-Risk etc. • Credit & Market Risk • Crisis Mgmt. & Cyber Security, Risk • Talent Acquisition, Total rewards • Security PII & PCI • Marketing, 5-3-1 year Planning, bus. Dev. • Values, Culture & Objectives • Market and Credit Risk • Risk-BC-IT-Cyber Security • BC-Risk-Social Media

  8. Everyone wants to be a Hero! Hero! Yearly Time Line

  9. Everyone wants to be a Hero! Cabana Boy! Yearly Time Line

  10. Everyone wants to be a Hero! HerotoCabana Boy! Reality Yearly Time Line

  11. Stories (To Encourage, Remind & Inspire) BC Professionals #1 What all mothers Teach their Children #2 Coming Along Side one another #3 Adapt Quickly # 4 A Thankful Heart

  12. Many Opportunities (#1 Risk Management) What is Risk Management Is the process of identifying, assessing, evaluating and responding to risk factors throughout the company Why get involved in Risk Management? • Executives and Management have become interested in Risk Management in the last 5 years • Role of companies to increase shareholder wealth • Maximize returns • Minimize Risk • Risk Management There forth is an integral part of managing a business • Risk Management is a proactive process-Not reactive Energy around BC & Risk Management • Reuse the Same Data of BC • BC is Risk Management-BC is a control • Repeatable Process (like BC) • Annually Updated • Tall to all the same leaders • Proactive Risk Activity

  13. Many Opportunities (#1 Risk Management) Risk Management

  14. Risk Assessment-During BIA Process

  15. Risk Assessment Details-During BIA Interviews

  16. Risk Assessment Heat Map Inherent Risks

  17. Risk Evaluation

  18. Risk Plan 5

  19. Risk Management

  20. Many Opportunities (#2 Infrastructure Assessment) The Story What is Infrastructure Assessment Is the process of identifying, assessing, evaluating and responding to risk factors throughout the Infrastructure Why get involved in Infrastructure Assessments? • IT Executives and IT Management have become interested in Infrastructure Assessment to understand risk in IT • Role of IT Leaders to reduce incidents, outages & disasters • Respond quickly • Minimize Risk Exposures • IT Assessment there forth an integral part of managing IT • IT Assessment is a proactive process; Not reactive Energy around IT Assessment, BC, DR & Risk Management • Reuse the Same Data as DR, BC & Risk Management • IT Assessment is the Start of IT Risk Management • Repeatable Process (like BC) • Annually Updated • Talk to all the same leaders • Proactive Risk Activity

  21. Many Opportunities (#2 IT Infrastructure) IT Infrastructure Services High Availability (Original Request) Inherent Risk • Business Impacts • Likelihood Control Areas: • Reliability • Scalability • Serviceability • Availability Reporting (IT Management & IT Executive View) • Inherent Risk Heat Map • Infrastructure Controls • Residual Risk Heat Map Originally create by IBM=(RAS) Reliability = Ability of computer related hardware, software, or service components to consistently perform according to specs. Scalability = scalability is the measure of how well a service or application can grow to meet increasing performance demands.  Serviceability = is an expression of the ease with which a component, device or system or service can be maintained and repaired. Availability = the probability that a system is operational at a given time

  22. IT Infrastructure-Scope

  23. IT Infrastructure-Scope

  24. IT Infrastructure-Core Information

  25. IT Infrastructure-High Availability

  26. IT Infrastructure-Business Impact Business Impact Rating (who) Business Impact Rating (who)

  27. IT Infrastructure-Likelihood Likelihood Definitions and Ratings Likelihood Ratings

  28. IT Infrastructure-Inherent Risk Inherent Risk: 4-10 1-3 11-14 15-16

  29. IT Infrastructure-Controls Rating Reliability & Scalability Ratings

  30. IT Infrastructure-Controls Definition Reliability & Scalability Definitions

  31. IT Infrastructure-Controls Rating Serviceability Ratings

  32. IT Infrastructure-Controls Definition Serviceability Definitions

  33. IT Infrastructure-Controls Rating Availability Ratings

  34. IT Infrastructure-Controls Definition Availability Definition

  35. IT Infrastructure-Residual Risk

  36. Questions-Thoughts-Thank you Michael.Carter@ExeterFinance.com

More Related