Governance

IT Governance & Risk

Andrews Duffy provides Independent Risk Management and oversight of the Information Technology solution.

We work in challenging environments, many of which operate in a complex and demanding regulatory environment. Information Technology is a core enabler of strategy and business development for organisations.

Many regulatory bodies, e.g. the Central Bank of Ireland (Financial Services) or the HSE (Health), require regulatory oversight of operations, including IT. An oversight function is placed on management or boards / volunteers to oversee IT, on occasion without the necessary skillset to understand and manage IT providers and the information they produce. IT Risk Management is, for example, a recurring theme requiring action in the reports from the Central Bank for credit unions.

To consider:

Risk Governance
Our Solution

Taking the headache of managing IT away from staff who have more operational priorities

  • Is the Management Team swamped with technology-based projects and finding it difficult to project manage them?
  • Do your policies reflect the actual requirements of the organisation?
  • How confident are you that your business can recover from a cyber incident, in terms of business impact and operational functions?
  • Is the board aware of their onus with regard to Information Technology Risk Ownership?

We perform our IT Governance around key areas:

IT Governance

Policies & Procedures, development and review

Asset Management

IT Strategy alignment with overall organisational strategic plan

IT Security

Oversight of IT Risks on Risk Register

Maintenance of IT Asset Register

Network Security and Cyber Security Awareness

Business Continuity Plan

Review of Business Continuity Plan

Disaster Recovery Procedures

Scenario Testing

IT Outsourcing

Vendor Management

Achieving cost-effective use of equipment

Oversight of system updates and deployment

IT Budgets

Reviewing the historical spend on IT.

Assisting with tender applications from existing vendors and ensuring best value for money spent

IT Projects

Managing IT Projects from conception to completion, being the single point of ownership/contact for any IT project

Our Solution

Regulatory expectations, IT compliance and risk management requirements.

Many regulatory reports, from the likes of the Central Bank for example, have highlighted the risks that IT presents to financial services organisations due to the complexities of managing IT, insufficient procedures and lack of training. Risk management of the IT function is a recurring theme in all sectors that we are engaged in: financial services, health, transportation and NGOs.

It is our opinion that these risks can be mitigated and controlled by the use of policies, procedures and action plans, coupled with regular, clear-language reports to the management team and board. We address the regulatory expectations, IT compliance and risk management requirements.

Download

CP-140 Cross Industry Guidance on Operational Resilience

In December 2021, the Central Bank of Ireland released a Consultation Paper, CP140, on Operational Resilience for Financial Institutions.

This guidance paper comments on the preparedness of financial institutions to continue operating through events that may impact their continuing operations and/or ability to deliver member services.
