March 17, New York
Workshop 3: Coordination of ORM, IT Risk and Data Governance
Led by: Richard Cech, Senior Bank Examiner, Operational Risk Governance, Financial Institution Supervision Group, FEDERAL RESERVE BANK OF NEW YORK
8:30 Registration and breakfast
9:00 Coordinating ORM, IT Risk and Data Governance - Facing the Gordian Knot
- Many critical risk exposures at financial organizations cross formal risk management lines
- Many span traditional "lines of defence," complicating already difficult role and responsibility assignments
- Is there a general approach that is both integrative and effective--without tying the organization into knots?
10:30 Morning coffee break
11:00 IT Risk Management - a Joint and Several Challenge
- Available approaches to IT Risk Management (ITRM), aligned with systems and information flow objectives
- Barriers to communication across ORM / ITRM boundary - correlating cause and effect, tracking incidents and remediation
- Variations in workshop participant action models, are best practices developing?
1:30 Data Governance - Aggregation and Beyond
- A new but growing discipline, data governance sits at the core of effective business conduct and enhanced risk management
- What are the components of effective data governance? What obstacles can arise in standing up a program?
- How can data governance be coordinated with ORM and IT Risk Management initiatives - are firms addressing this question? Using DCM?
3:00 Afternoon coffee break
3:30 Information Security - is it a Separate Discipline?
- To what extent is information security a "lone ranger" among the risk management partners, working on a separate set of problems?
- What are the opportunities (and necessities) of building systematic links with other risk disciplines?
- What approaches are participant firms taking to ensure maximum leverage of available risk resources to avoid damaging incidents?
5:00 End of workshop