Newsletter, October 2009 - IDRBT

More documents

Recommendations

Info

Fast Forward October 2009 IT Risk Management Having logged into Basel II already, banks are only too aware that pervasive IT constitutes 70% of their Operational Risk. In other words, 7% of the additional capital they have to provide (with an alpha of 10%) for operational risk will be to cover their IT risks. These IT risks can be more effectively managed with an organizational mechanism, with board level commitment, which makes use of sound policies, for each and every aspect of IT deployment, usage and control, backed up by international standards and best practices. These policies get translated into procedures at the top management level and these procedures get split into detailed practices (and guidelines) for the grass root functionaries to religiously follow. A functional, supportive organisational structure is a sine qua non for the successful implementation of the policies and satisfactory achievement of the objectives. Banks need to have an effective IT Risk Management in place. In fact, it is time for the banks to take stock of the policies in place, the level of commitment, understanding and implementation, and put in place the required organisational structures to support and achieve the desired results. IT Resource Management IT Resources can be broadly classified into five major categories: Data, Applications, Technology, Facilities and People. Acquiring, maintaining, using, leveraging, protecting and ultimately ensuring that all these resources are put to effective and proper use to achieve the corporate business objectives will demand enormous clarity, time, attention and commitment from bank managements and the involvement of the rank and file. Each of these resources should have clearly defined owners, mandated access and usage control matrices, backup and recovery norms and accepted/acceptable standards of performance and reliability to make them serve the purpose for which they exist. Banks have to gear themselves up in this regard for getting the best out of their IT. NEW DIRECTIONS : A High-powered committee under the Chairmanship of Dr. C. Rangarajan reviews the Institute's activities to redefine the role of IDRBT 2
Fast Forward October 2009 IT Performance Measurement This is one of the most difficult nuts to crack. This becomes all the more difficult if there is no clarity on what the IT Infrastructure is expected to deliver. Ideally we should have two inputs – what the IT Resource is expected to deliver and how it is supposed to impact the business process or objective. To start with, banks can look at the first part which may be a little easier than the second. The first part, for example, will be to measure and monitor the cost per page for using a specific printer with the help of specific warranties, guarantees and service level agreements for maintenance. What the bank does with all those print-outs or whether there are controls on what is allowed to be printed is another difficult part to be considered to arrive at the business impact of this printer (irrespective of whether it is an impact printer or not!). In short, IT Performance Measurement is all about setting or arriving at Key Goal Indicators (KGIs) and Key Performance Indicators (KPIs), prior to performance and not after. KGIs refer to progress in terms of what exactly is to be done and KPIs talk about how well the task is to be done. For example KGIs talk about milestones like number of branches or regions covered, KPIs talk about accuracy levels, satisfaction levels, organizational learning that happens in the process of implementation etc. While KGIs look at outputs, KPIs look at outcomes. The monitoring mechanism relies as much on clearly observable and measurable indicators as the frequency of collection and the accuracy of the data elements involved. The level of the hierarchy at which the overall performance gets reviewed decides the level of effectiveness of the performance measurement process as a whole. There is an urgent need for adopting IT Governance. The time is ripe for banks to take it up seriously and for the boards to insist on top priority being accorded to this vital issue of governance. By M.V. Sivakumaran, Assistant Professor, IDRBT Achievements Dr. V. Ravi, Assistant Professor, IDRBT, has received an H-index of 8, computed based on the citations for his papers. His paper, "Optimization of Complex System Reliability by Modified Great Deluge Algorithm", published in the Asia-Pacific Journal of Operational Research, 21, 4, 2004, 487-497, is listed in the Top Accessed Articles by the Journal in 2008. The paper titled "Software Cost Estimation using Wavelet Neural Networks", K. Vinay Kumar, V. Ravi, Mahil Carr & N. R. Kiran, published in the Journal of Systems and Software 81, 11, 2008, 1853-1867 was listed as the 10th Hottest paper during Oct-Dec 2008 in Top 25 Hottest articles published in the Journal. 3
Page 1 and 2: ISSN 0973-2527 Volume 12 No. 1 Fast
Page 3: Fast Forward October 2009 A CASE FO
Page 7 and 8: WINNERS ALL : Dr. D. Subbarao, Gove
Page 9 and 10: Fast Forward October 2009 Best Use
Page 11 and 12: BANKING FOR MASSES : Smt. Usha Thor
Page 13 and 14: Fast Forward October 2009 Other SFM
Page 15 and 16: Fast Forward October 2009 Reduced c
Page 17 and 18: Fast Forward October 2009 Even thou
Page 19 and 20: FORTHCOMING PROGRAMMES DURATION PRO

Newsletter, October 2009 - IDRBT

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?