Devices pose governance risk

Financial services companies are using COBIT 5 to ensure that while they are developing new and innovative customer-centric products for use across multiple devices, they are still compliant and adhere to acceptable governance requirements.

In this mobile era, computers, laptops, tablet devices and smart phones have become the new bank ‚’branches’. Customers are used to accessing banking services anywhere, fast, conveniently and most importantly safely, without having to worry about additional risks.

It is with this in mind that financial institutions need quality information, as they rely on it to ensure that the services they are delivering are of the highest standard, they meet with governance and compliance requirements, and that it assists them in retaining and attracting customers.

‚”Information is a key resource for all enterprises, and from the time that information is created to the moment that it is destroyed, technology plays a significant role,‚” states Willie Venter at Quintica. ‚”IT is rapidly advancing and has for the most part become pervasive in enterprises as well as in social, public and business environments.‚”

According to Venter, this is a particularly pervasive trend facing financial services companies as they need to take this information generated from these devices and create innovative products and services that will help them manage costs, reduce security risks, and most importantly to assist in adhering to relevant laws and compliance requirements.

Enter COBIT 5, a globally accepted framework providing an end-to-end business view of the governance of enterprise IT that reflects the central role of information and technology in creating value for enterprises. COBIT 5 builds on five principles and seven enablers, which according to the organisation are designed to: ‚”assist enterprises to meet their goals and realise business benefits through the effective use of IT while maintaining IT related risks at an acceptable level.‚”

‚”Customers want to bank with a financial institution that provides innovative banking solutions that are cost effective and efficient, while providing assurance in security, quality, speed and reliability. Some financial institutions are on the right path and others are trailing behind. COBIT 5 provides guidance for all such institutions regardless of size and helps them adhere to governance requirements along the way,‚” states Venter.

One of the COBIT 5’s principles is ‚”Meeting Stakeholder Needs‚”. These stakeholder needs must be transformed into actionable goals. Another principle is covering the Enterprise end to end. This principle ‚”addresses the governance and management of information and related technology from an enterprise wide‚” perspective for a seamlessly integration in any governance system.

Technology continues to play a major role in the provision of Internet banking, automated teller machines, point of sale and mobile banking solutions. It is here that business and IT need to meet in order to make the right decisions regarding the right technology applications to invest in: employment of people with the right behaviour, skills, and competencies: and the establishment of processes required to deliver and support these applications and services.

‚”The combined teams also have to put policies in place that protect their customer’s information and maintain the integrity of their institutions by means of a code of ethics, which encourages a culture of excellent customer service and ensures financial transparency,‚” states Venter. ‚”To achieve this, COBIT 5 provides guidance by means of its enablers, namely: policies, principles and frameworks, processes, organisational structures, culture, ethics and behaviours, information, services, infrastructure and applications, people, skills and competencies.

‚”To this end, COBIT 5 offers financial institutions the tools to better manage and enable their business all within the law. It also understands that because of these myriad methods to access your bank, risks are increased, and it (COBIT 5) provides guidance to manage these and other complex IT challenges, save costs and achieve more efficient and effective service delivery to maintain customer satisfaction,‚” ends Venter.

*