MB okays new rules on management of risks, bank reporting schemes
January 21, 2006 | 12:00am
The Monetary Board (MB), the policy-making body of the Bangko Sentral ng Pilipinas (BSP), has approved the issuance of three circulars on managing risks and reporting schemes of banks.
MB chairman and BSP Governor Amando Tetangco Jr. said they have approved the release of new guidelines on Information Technology (IT) Risk Management.
Tetangco said through this issuance, the BSP wants banks to have an IT risk management process that can effectively identify, measure, monitor and control their technology risk exposure.
The circular on IT risk management contains standards consistent with internationally accepted best practices for the technology-related risk management process. As such, it allows bank management greater latitude in the design of the process that is adequate and effective relative to the complexity and sophistication of the banks operations.
At the same time, this particular circular defines various types of technology-related risks to ensure common understanding among the BSP and the regulated entities.
Technology related risks include operational risk, strategic risk, reputation risk, and compliance risk.
The new ruling also underscored the important role of auditors in providing control mechanisms for detecting deficiencies and managing risks in the implementation of technology.
"Thus, the bank should be ready to provide auditors with adequate information regarding standards, policies, procedures, applications, and systems," Tetangco said.
As a bank regulator, the BSP has to ensure proper observance of the standards and adoption of a risk management system commensurate to the level and complexity of the perceived risks.
Within the Supervision and Examination Sector of the BSP, a specialized unit called the Core Information Technology Services Unit (CITSU) has been created to take the lead in assessing the extent of compliance with set standards under the Circular.
The CITSU is staffed with personnel who have undergone the internationally accepted certification process for Information System Auditors.
MB chairman and BSP Governor Amando Tetangco Jr. said they have approved the release of new guidelines on Information Technology (IT) Risk Management.
Tetangco said through this issuance, the BSP wants banks to have an IT risk management process that can effectively identify, measure, monitor and control their technology risk exposure.
The circular on IT risk management contains standards consistent with internationally accepted best practices for the technology-related risk management process. As such, it allows bank management greater latitude in the design of the process that is adequate and effective relative to the complexity and sophistication of the banks operations.
At the same time, this particular circular defines various types of technology-related risks to ensure common understanding among the BSP and the regulated entities.
Technology related risks include operational risk, strategic risk, reputation risk, and compliance risk.
The new ruling also underscored the important role of auditors in providing control mechanisms for detecting deficiencies and managing risks in the implementation of technology.
"Thus, the bank should be ready to provide auditors with adequate information regarding standards, policies, procedures, applications, and systems," Tetangco said.
As a bank regulator, the BSP has to ensure proper observance of the standards and adoption of a risk management system commensurate to the level and complexity of the perceived risks.
Within the Supervision and Examination Sector of the BSP, a specialized unit called the Core Information Technology Services Unit (CITSU) has been created to take the lead in assessing the extent of compliance with set standards under the Circular.
The CITSU is staffed with personnel who have undergone the internationally accepted certification process for Information System Auditors.
BrandSpace Articles
<
>
- Latest
- Trending
Trending
Latest
Trending
Latest
Recommended