This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Technology Governance:The CFO’s RoleTuesday, June 18, 2013 11:30 AM – 12:30 PM
• The banking technology steering committee isresponsible for overseeing the technology relatedfunctions of the Bank with particular attention tooperational risk management. The committee isresponsible for setting the information technologystrategic direction, recommending informationtechnology policies, procedures and standards;reviews and recommends priorities for thedevelopment of applications and for capital requests;and serves as an information-sharing forum.
www.fmsinc.org | 800-ASK-4FMS
• The banking technology steering committee isresponsible for overseeing the technology relatedfunctions of the Bank with particular attention tooperational risk management. The committee isresponsible for setting the information technologystrategic direction, recommending informationtechnology policies, procedures and standards;reviews and recommends priorities for thedevelopment of applications and for capital requests;and serves as an information-sharing forum.
slide 17
Technology CommitteeResponsibilities
• The Committee will have the responsibility to:– Review and approve the organization's technology planning and
strategy.– Review significant technology investments and expenditures.– Monitor and evaluate existing and future trends in technology that
may affect the organization's strategic plans, including monitoringof overall industry trends.
– Request reports from management concerning the organization'stechnology operations.
– Oversee the risks associated with technology, including riskassessment and risk management.
www.fmsinc.org | 800-ASK-4FMS
• The Committee will have the responsibility to:– Review and approve the organization's technology planning and
strategy.– Review significant technology investments and expenditures.– Monitor and evaluate existing and future trends in technology that
may affect the organization's strategic plans, including monitoringof overall industry trends.
– Request reports from management concerning the organization'stechnology operations.
– Oversee the risks associated with technology, including riskassessment and risk management.
slide 18
Technology CommitteeMembers
• Should be representatives from each of thevarious business units– Administration– Branch operations– Deposit operations– Finance– Loan operations– IT Leaders– Mobile banking– Marketing
www.fmsinc.org | 800-ASK-4FMS
• Should be representatives from each of thevarious business units– Administration– Branch operations– Deposit operations– Finance– Loan operations– IT Leaders– Mobile banking– Marketing
slide 19
IT vs. Business OwnerPerspectives
www.fmsinc.org | 800-ASK-4FMS*Source: Forrester Research, Changing State of IT Operations, October 2012
slide 20
Components of aSuccessful Technology Plan• Technology plan should follow overall strategic plan
– Accounting for major business goals and objectives
• Technology plan typically includes:– Needs assessment– Initiative descriptions, goals, justification, timeline– Measurable objectives– Hardware, software and facility needs– Training and staff development plan– Budget and rationale, evaluation method, timeline
www.fmsinc.org | 800-ASK-4FMS
• Technology plan should follow overall strategic plan– Accounting for major business goals and objectives
• Technology plan typically includes:– Needs assessment– Initiative descriptions, goals, justification, timeline– Measurable objectives– Hardware, software and facility needs– Training and staff development plan– Budget and rationale, evaluation method, timeline
slide 21
Planning Considerations• Windows XP, Office 2003, Exchange 2003 and SQL
2000 will not be supported after April 2014
• Converged infrastructure – Continue to own thehardware/software while allowing for easy expansionand growth along with true DR and fault tolerance
• Business continuity / DR assessments
• Technology / Security assessments
• Outsourcing IT helpdesk, monitoring and support
• CIO Outsourcing
www.fmsinc.org | 800-ASK-4FMS
• Windows XP, Office 2003, Exchange 2003 and SQL2000 will not be supported after April 2014
• Converged infrastructure – Continue to own thehardware/software while allowing for easy expansionand growth along with true DR and fault tolerance
• Business continuity / DR assessments
• Technology / Security assessments
• Outsourcing IT helpdesk, monitoring and support
• CIO Outsourcingslide 22
IT Trends
www.fmsinc.org | 800-ASK-4FMS*Source: Gartner Agenda Overview for Banking and Investment Services, January 2013
slide 23
MeasuringReturn on Investment
www.fmsinc.org | 800-ASK-4FMS
MeasuringReturn on Investment
slide 24
Barriers to MeasuringROI
• ROI on technology projects isn’t clear cut• Most projects have both an indirect/direct
portion• Both new and old systems are involved in
single processes• Have to account for the people factor
www.fmsinc.org | 800-ASK-4FMS
• ROI on technology projects isn’t clear cut• Most projects have both an indirect/direct
portion• Both new and old systems are involved in
single processes• Have to account for the people factor
slide 25
ROI Measurement Basics
• Develop a business case outline– Utilize for new projects– Standardize questions and calculations
• How will the project benefit the business?• How will it decrease expenses, increase
efficiency?• Cost to maintain the project long-term?
www.fmsinc.org | 800-ASK-4FMS
• Develop a business case outline– Utilize for new projects– Standardize questions and calculations
• How will the project benefit the business?• How will it decrease expenses, increase
efficiency?• Cost to maintain the project long-term?
Delivering Operational Results Mobile Technologies
www.fmsinc.org | 800-ASK-4FMS*Source: Top 10 Business & IT Priorities for 2013, Gartner 2013
Reducing Enterprise Costs Cloud Computing
Attract & Retain New Customers Collaboration Technologies
Improve IT application andinfrastructure
Legacy Modernization
slide 30
Establish IT Priorities• Start your budgeting process by defining your
next year IT priorities by reviewing thefollowing:– Strategic plan– Technology plan– Day-to-day operations– BCP/Disaster recovery– Operational efficiency / Revenue generation
www.fmsinc.org | 800-ASK-4FMS
• Start your budgeting process by defining yournext year IT priorities by reviewing thefollowing:– Strategic plan– Technology plan– Day-to-day operations– BCP/Disaster recovery– Operational efficiency / Revenue generation
*Source: McGladrey, 8 Areas to Boost Performance, May 2013slide 31
Review Known Expenses
• Existing software licenses• Equipment depreciation• Hiring and payroll• Third party services• Audits and compliance
www.fmsinc.org | 800-ASK-4FMS
• Existing software licenses• Equipment depreciation• Hiring and payroll• Third party services• Audits and compliance
slide 32
Account forAnticipated Items
• New equipment (remember new hires)• Upgrades of legacy equipment• Third party services• New technologies
www.fmsinc.org | 800-ASK-4FMS
slide 33
Evaluate your Efficiency
• Compile a list of all of your key technology systems –both in-house and outsourced
• Determine the main purpose of each listed systemand if there is overlap between the capabilities of thesystems
• Survey system users to identify the user’s data entryprocess to identify if data is being re-entered intomultiple systems
www.fmsinc.org | 800-ASK-4FMS
• Compile a list of all of your key technology systems –both in-house and outsourced
• Determine the main purpose of each listed systemand if there is overlap between the capabilities of thesystems
• Survey system users to identify the user’s data entryprocess to identify if data is being re-entered intomultiple systems
*Source: McGladrey, 8 Areas to Boost Performance, May 2013
slide 34
Budgeting Considerations• Strategic/Technology plan initiatives• Software end-of-life• Out of date equipment• Provider contracts• Product/process efficiencies
www.fmsinc.org | 800-ASK-4FMS
• Strategic/Technology plan initiatives• Software end-of-life• Out of date equipment• Provider contracts• Product/process efficiencies
slide 35
2012 IT Budgets byActivity
www.fmsinc.org | 800-ASK-4FMS*Source: Forrester Research, October 2012
slide 36
2012 IT Spendby Category
www.fmsinc.org | 800-ASK-4FMS*Source: Forrester Research, October 2012
slide 37
Technology’s Impact onEnterprise
Risk Management (ERM)
www.fmsinc.org | 800-ASK-4FMS
Technology’s Impact onEnterprise
Risk Management (ERM)
slide 38
What is ERM?
• Risk management practices that providea holistic view of all material risks of afinancial institution integrated within keydecision-making processes across theenterprise
www.fmsinc.org | 800-ASK-4FMS
• Risk management practices that providea holistic view of all material risks of afinancial institution integrated within keydecision-making processes across theenterprise
*Source: McGladrey, Scaling ERM to fit community banks, November/December 2012
slide 39
What is the benefit?
• An enterprise-wide view of risk can helpfinancial institutions improve profitabilityand ensure an efficient use of limitedcapital resources.– This can be accomplished by comparing
returns to risks and using this informationto target business lines or portfoliosegments with the highest returns.
www.fmsinc.org | 800-ASK-4FMS
• An enterprise-wide view of risk can helpfinancial institutions improve profitabilityand ensure an efficient use of limitedcapital resources.– This can be accomplished by comparing
returns to risks and using this informationto target business lines or portfoliosegments with the highest returns.
*Source: McGladrey, Scaling ERM to fit community banks, November/December 2012
slide 40
The ERM ProcessStrategic PlanWhat are our
goals?
Risk AppetiteWhat risk are wewilling to accept?
MonitoringWhat are the key
indicators?
www.fmsinc.org | 800-ASK-4FMS
Risk AppetiteWhat risk are wewilling to accept?
RisksWhat are the risks
we face?
ControlsHow do we limit
our risk?
slide 41
Key Concepts
• To identify controls you must know whatrisks are present.
• To know the risks you need tounderstand the objectives being sought.
www.fmsinc.org | 800-ASK-4FMS
• To identify controls you must know whatrisks are present.
• To know the risks you need tounderstand the objectives being sought.
Objectives Risks Controls
slide 42
Getting Started
• Establish a risk culture• Define your risk appetite• Develop your line of defense
– Business line employees– Risk oversight committees– Internal audit
• Keep open lines of communication• Establish a forward-looking approach
www.fmsinc.org | 800-ASK-4FMS
• Establish a risk culture• Define your risk appetite• Develop your line of defense
– Business line employees– Risk oversight committees– Internal audit
• Keep open lines of communication• Establish a forward-looking approach
*Source: McGladrey, Scaling ERM to fit community banks, November/December 2012
slide 43
Develop your KRIs• Review the key activities in your business lines, remember to
include operational areas• Determine which of those activities are critical and measurable
• Network Uptime• Security Breeches• System/Subsystem integration issues• Timeliness of Updates• User / Customer Issues• BCP Preparedness/Testing• Exam Results
• Based on your risk appetite determine the acceptable rangefor risk
• Consistently monitor and report – watch the trends!
www.fmsinc.org | 800-ASK-4FMS
• Review the key activities in your business lines, remember toinclude operational areas
• Determine which of those activities are critical and measurable• Network Uptime• Security Breeches• System/Subsystem integration issues• Timeliness of Updates• User / Customer Issues• BCP Preparedness/Testing• Exam Results
• Based on your risk appetite determine the acceptable rangefor risk
• Consistently monitor and report – watch the trends!