IT RISK MANAGEMENT BEST PRACTICES TOOLS AND PROCEDURES Prepared For Futures & Options Expo 2002 -- A Panel Discussion --


AGENDA
I. Introduction, Purpose and Organization of This Panel Discussion
II. About Our Panelists
III. What Are IT Risk Management Best Practices Tools and Procedures? How Do They Work? How Do They Manage Risk? What Are Their Pros and Cons?
IV. What Are Our Panelists' Experiences?
V. Questions From the Floor

I. INTRODUCTION, PURPOSE AND ORGANIZATION OF THIS PANEL DISCUSSION
1. INTRODUCTION
In the Financial Services Industry, when you think of RM, you think of trading controls. And those trading controls usually rely heavily on automated applications of many types and flavors. But what if one of these critical applications failed or did not operate properly? What type of IT risk management tools does the CIO use? What's available to him? Is a suite of risk management tools in place? How are they managed? How do they integrate? How do they manage risk?

… purpose and scope … The PURPOSE of this session is to discuss IT risk management procedures that will significantly reduce business risk, capital drain and loss of competitiveness. Its intention is to make the audience aware of these types of tools – both technologists and users alike – so they can be applied in your own offices. In fact, IT risk management is the front line in the battle to achieve business risk avoidance.

… purpose and scope …
The session is organized as follows:
- I'll tell you the pedigrees of our panelists
- Next, I will give a brief introduction and explanation about what IT risk management tools are
- Then, I will ask our panelists to address specific questions about how they acquired these tools and how they use them
- And, for the last 5-10 minutes of our allotted time, we will answer questions from the audience

II. ABOUT OUR PANELISTS
- Steve Bass, Senior Vice President, Chief Information Officer, New York Board of Trade
- William Farrow, Executive Vice President, Chicago Board of Trade
- Brett Paulson, Senior Vice President, Chief Information Officer, Board of Trade Clearing Corporation
- Phillip Marks, Project Management Consultant, Rolfe & Nolan Plc
- Roman Szymansky, President, MicroDesign Services, Inc.
- Jonathan Weisblatt, Senior Vice President, eTrading/eCommerce, Man Financial
- Jerry Tellefsen, Moderator, Senior Vice President, Tellefsen Consulting Group, Inc.

III. WHAT ARE IT RISK MANAGEMENT BEST PRACTICES TOOLS?
We will discuss six types of RM tools and processes today:
- Rapid Application Development (RAD)
- Quality assurance (QA)
- Automated test tools
- Version control
- Disaster recovery
- Business continuity planning
Let's take a brief look at each.

… best practices tools …
RAPID APPLICATION DEVELOPMENT (RAD) TOOLS
WHAT ARE THEY? They are rule-based licensed software tools that, once learned, allow the tool user to have thousands of lines of code developed automatically, almost instantly.
WHAT BUSINESS RISK DO THEY HELP AVOID? Mainly, time to market! Imagine if development would normally take six to nine months to complete and you can do it in one-third the time. The earlier the service is provided to the business user, the less risk there is of losing market share.

… best practices tools …
QUALITY ASSURANCE (QA)
WHAT DOES IT DO … WHEN IT'S DONE PROPERLY … It assures that the likelihood of failure of any new application put into production is extremely low because it has been so methodically tested and retested. It is a very strict regimen and, almost as importantly, an insurance policy for the CTO/CIO.
WHAT BUSINESS RISK DOES IT HELP AVOID? Many kinds. The risk of starting up and failing because the system doesn't perform as advertised. The risk of losing disappointed users. The risk of losing the business. The risk of the CTO/CIO getting fired.

… best practices tools …
AUTOMATED TEST TOOLS (ARROWS IN THE QA QUIVER)
WHAT DO THEY DO … They significantly speed up all kinds of testing: functionality, stress and failover. They allow one to simulate, test and understand bandwidth requirements. They can be licensed from multiple sources and take some time to learn how to use properly, but are well worth investigating.
WHAT BUSINESS RISK DO THEY HELP AVOID? Many! Including but not limited to: speedier testing of new and revised software (time to market) and ensuring no system failure when running at maximum capacity.

… best practices tools …
VERSION CONTROL
WHAT DOES IT DO … Version Control (aka Change Management) keeps track of where (in which computers) each version of application and system software is running. Its methodology ensures that all preliminary steps required to verify the readiness of a new software version to go into production have been accomplished.
WHAT BUSINESS RISK DOES IT HELP CONTROL? Mainly, that mission-critical applications don't go down when new versions of application and system software are upgraded. It ensures that old versions of existing software will work as expected with the application version being upgraded, and that new features and bug fixes are actually implemented in new releases.

… best practices tools …
DISASTER RECOVERY (D/R)
WHAT DOES IT INCLUDE … First, D/R is not the same as failover. D/R is a capability to keep computer systems running at a backup data center, with minor hitches, when a catastrophe occurs at a primary data center.
WHAT BUSINESS RISK DOES IT HELP CONTROL? Loss of data processing capability.

… best practices tools …
BUSINESS CONTINUITY PLANNING (BCP)
WHAT IS IT … It's different from D/R, but clearly includes D/R. It's a strategy and plan to keep the business running by assuring that the people needed to run the business have required facilities and information provided to them quickly. A BCP is very inclusive and detailed and is a dynamic document with multiple accesses for instant availability.
WHAT BUSINESS RISK DOES IT HELP AVOID … Talk to anyone affected by 9/11 …

IV. WHAT ARE OUR PANELISTS' EXPERIENCES?

QUESTIONS FOR PANELISTS
1. What are your experiences with rapid application development tools?
2. For those of you who do not use RAD, why not?
3. Has the QA department ever saved your bacon?
4. Is the role of the QA department clearly understood and appreciated?
5. How do you do new application testing today?
6. How have application testing tools helped you to be risk averse?

… questions for panelists …
7. What network and security measures do you use?
8. How do you effect version control in your company?
9. Have you ever had a version control disaster?
10. Does your firm have a D/R plan ... and do you practice it?
11. What effect did 9/11 have on your D/R focus?
12. Who maintains the BCP in your firm?
13. Did your firm have one on 9/11?