A probabilistic approach to IT risk management in the Basel regulatory framework: A case study. Issue 2 (8th May 2017)
- Record Type:
- Journal Article
- Title:
- A probabilistic approach to IT risk management in the Basel regulatory framework: A case study. Issue 2 (8th May 2017)
- Main Title:
- A probabilistic approach to IT risk management in the Basel regulatory framework
- Authors:
- Ibrahimovic, Semir
Franke, Ulrik - Abstract:
- Abstract : Purpose: This paper aims to examine the connection between information system (IS) availability and operational risk losses and the capital requirements. As most businesses today become increasingly dependent on information technology (IT) services for continuous operations, IS availability is becoming more important for most industries. However, the banking sector has particular sector-specific concerns that go beyond the direct and indirect losses resulting from unavailability. According to the first pillar of the Basel II accord, IT outages in the banking sector lead to increased capital requirements and thus create an additional regulatory cost, over and above the direct and indirect costs of an outage. Design/methodology/approach: A Bayesian belief network (BBN) with nodes representing causal factors has been used for identification of the factors with the greatest influence on IS availability, thus helping in investment decisions. Findings: Using the BBN model for making IS availability-related decisions action (e.g. bringing a causal factor up to the best practice level), organization, according to the presented mapping table, would have less operational risk events related to IS availability. This would have direct impact by decreasing losses, related to those events, as well as to decrease the capital requirements, prescribed by the Basel II accord, for covering operational risk losses. Practical implications: An institution using the proposed frameworkAbstract : Purpose: This paper aims to examine the connection between information system (IS) availability and operational risk losses and the capital requirements. As most businesses today become increasingly dependent on information technology (IT) services for continuous operations, IS availability is becoming more important for most industries. However, the banking sector has particular sector-specific concerns that go beyond the direct and indirect losses resulting from unavailability. According to the first pillar of the Basel II accord, IT outages in the banking sector lead to increased capital requirements and thus create an additional regulatory cost, over and above the direct and indirect costs of an outage. Design/methodology/approach: A Bayesian belief network (BBN) with nodes representing causal factors has been used for identification of the factors with the greatest influence on IS availability, thus helping in investment decisions. Findings: Using the BBN model for making IS availability-related decisions action (e.g. bringing a causal factor up to the best practice level), organization, according to the presented mapping table, would have less operational risk events related to IS availability. This would have direct impact by decreasing losses, related to those events, as well as to decrease the capital requirements, prescribed by the Basel II accord, for covering operational risk losses. Practical implications: An institution using the proposed framework can use the mapping table to see which measures for improving IS availability will have a direct impact on operational risk events, thus improving operational risk management. Originality/value: The authors mapped the factors causing unavailability of IS system to the rudimentary IT risk management framework implied by the Basel II regulations and, thus, established an otherwise absent link from the IT availability management to operational risk management according to the Basel II framework. … (more)
- Is Part Of:
- Journal of financial regulation and compliance. Volume 25:Issue 2(2017)
- Journal:
- Journal of financial regulation and compliance
- Issue:
- Volume 25:Issue 2(2017)
- Issue Display:
- Volume 25, Issue 2 (2017)
- Year:
- 2017
- Volume:
- 25
- Issue:
- 2
- Issue Sort Value:
- 2017-0025-0002-0000
- Page Start:
- 176
- Page End:
- 195
- Publication Date:
- 2017-05-08
- Subjects:
- Availability incidents -- Basel regulatory framework -- IT risk
M150 -- G210 -- G280 -- C110
Financial institutions -- Law and legislation -- Periodicals
Banking law -- Periodicals
Financial services industry -- State supervision -- Periodicals
Banks and banking -- State supervision -- Periodicals
Independent regulatory commissions -- Periodicals
346.082 - Journal URLs:
- http://www.emeraldinsight.com/journals.htm?issn=1358-1988 ↗
http://www.ingenta.com/journals/browse/hsp/jfr ↗
http://referenc.lib.binghamton.edu:2048/login?url=http://proquest.umi.com/pqdlink?Ver=1&Exp=04-23-2008&REQ=3&Cert=QcIhOmMdLEmP208E4Zn5c6Qs%2fVbfYEQ1Kcswm85p3d1aMKmozAXpypuD1AxiiI70&Pub=49308 ↗
http://www.emeraldinsight.com/ ↗
http://firstsearch.oclc.org ↗ - DOI:
- 10.1108/JFRC-06-2016-0050 ↗
- Languages:
- English
- ISSNs:
- 1358-1988
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4984.264000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 1932.xml