Wolf | IS Risks and Operational Risk Management in Banks | E-Book | www.sack.de
E-Book

E-Book, Englisch, 678 Seiten

Wolf IS Risks and Operational Risk Management in Banks


1. Auflage 2005
ISBN: 978-3-89936-326-5
Verlag: Josef Eul Verlag
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)

E-Book, Englisch, 678 Seiten

ISBN: 978-3-89936-326-5
Verlag: Josef Eul Verlag
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)



Financial risk management has always been a core business of banks. However, in recent years operational risks have gained in importance. This manifests itself, for example, in the New Basel Capital Accord and is similarly expressed in the Sarbanes-Oxley-Act.

Due to the fact that business processes in the banking industry rely heavily on information systems (IS), the emerging demand for operational risk management calls specifically for a contribution from the IS discipline. An empirical study with the Top 100 German banks was conducted, which yielded data from 43 face-to-face interviews all over Germany. Managers from both the IS/IT department as well as from the risk management department participated in the interviews.

Three key perspectives of IS risk management have been investigated. First, evidence was provided that existing approaches from the IS discipline cannot sufficiently contribute to a sound IS risk management. In the second key perspective, current operational risk management activities in the German banking industry were explored. Finally, the third key perspective reveals banks' requirements for a sound management of IS risks as operational risks.

This research can provide significant value both to academia and practitioners. Several suggestions are developed that may help banks on their way to implement the recommendations of the Basel Committee on Banking Supervision by 2007. Further, this thesis represents a first step towards an IS risk management approach that supports the complete risk management process and covers all four categories of IS risks as operational risks during the entire system life cycle. Insights from the results may be transferred to other industries with a high dependency on IS, such as the insurance industry, which is subject to Solvency II.

The author:

Elke Wolf graduated at the University of Cologne with a Master's of Economics in 1997. After the faculty-wide project VIRTUS from 1998 to 1999, she joined the Department of Information Systems and Information Management, headed by Prof. Dr. Dietrich Seibt. Here, she worked as a research and teaching assistant until 2004. From 2000 to 2002 she also was in charge of the EU-funded project MobiCom as the leader of the Cologne team. After the retirement of Prof. Seibt, she was offered the opportunity of an academic career at the University of Auckland, New Zealand, where she has been working since February 2004. She completed her doctoral degree at the Faculty of Economics, Business Administration and Social Sciences of the University of Cologne in January 2005.

Wolf IS Risks and Operational Risk Management in Banks jetzt bestellen!

Autoren/Hrsg.


Weitere Infos & Material


1;Preface;6
2;Acknowledgements;8
3;Contents;10
4;List of Figures;16
5;List of Tables;20
6;List of abbreviations;32
7;1 The problem of risk management for information systems in the banking industry;38
7.1;1.1 Business drivers for operational risk management;39
7.2;1.2 Research questions;53
7.3;1.3 Objectives;54
7.4;1.4 Relevance for the research field of information systems;57
7.5;1.5 Structure of the thesis;59
8;2 Core concepts and review of current research - IS risks in the context of banks’ business processes;62
8.1;2.1 Business processes of banks under changing conditions;64
8.2;2.2 Risk, IS risks, and operational risk;81
8.3;2.3 Risk management;93
8.4;2.4 Review of current research;121
8.5;2.5 Basic research theses;142
9;3 Three key perspectives of investigation;156
9.1;3.1 Exploring the field - Mobile banking;158
9.2;3.2 Methodological aspects of key perspective 1 - Risk management profiles of existing approaches;172
9.3;3.3 Methodological aspects of key perspective 2 - Current risk management procedures and tools;190
9.4;3.4 Methodological aspects of key perspective 3 - Requirements specifications;234
10;4 Results of the study - The demand for new developments in the field of IS risk management;240
10.1;4.1 Key perspective 1 - Risk management profiles of existing approaches;241
10.2;4.2 Key perspective 2 - Current risk management procedures and tools;275
10.3;4.3 Key perspective 3 - Requirement specifications for future developments;298
10.4;4.4 Revision of the research theses;343
11;5 Interpretation of the results - Suggestions for new developments and future research;352
11.1;5.1 Suggestions for new developments;354
11.2;5.2 Areas of future research;383
11.3;5.3 Conclusions;392
12;Bibliography;396
13;Appendix;454
13.1;Appendix A ;456
13.2;Appendix B;462
13.3;Appendix C ;466
13.4;Appendix D ;472
13.5;Appendix E ;486
13.6;Appendix F ;488
13.7;Appendix G;504
13.8;Appendix H ;518
13.9;Appendix I ;522
13.10;Appendix J ;598
13.11;Appendix K ;618


3 Three key perspectives of investigation (p. 120-121)

Following the introduction to the research problem in Chapter 1, Chapter 2 has provided a clarification of the basic terminology, derived from the research questions. In particular, business processes of banks and related current developments have been discussed, the core terms of risks, IS risks and operational risks have been defined and explained in their contexts. Operational risk as an expression from a banking perspective comprises IS risks in all of its four categories, i.e. personnel, process, system, and external risks. Further, the concept of risk management, its origins and its implications from a banking perspective as well as from an IS perspective have been discussed. The legal foundations of risk management in the banking industry, especially the frame within which banks need to act, as it is recommended in the Basel Capital Accord, is explained with regard to some implications for IS risk management.

Four main IS research areas, in which risks are commonly considered, have been identified, i.e. project management, outsourcing, system development, and security management. Current IS research dealing with IS risks in these areas has been reviewed and important aspects have been summarised. Finally, basic research theses are derived from the literature review as well as from the discussions about the Basel Capital Accord. Each of these theses is investigated from one of the three key perspectives.

This research is strongly based on the postulate of changing conditions. Therefore, some empirical evidence of these chritanging conditions is provided. An exploratory study on mobile banking has been conducted that may illustrate the changing conditions and the risks that are implied when integrating new technology into business processes. Thus, this example in Section 3.1 strengthens the basis of this research and prepares the ground for new developments. The literature review in Chapter 2 has indicated that there is no approach that covers all risk categories, all parts of the risk management process, and the complete system life cycle. These apparent shortcomings are analysed in more depth, i.e. to what extent can existing approaches contribute to the management of IS risks. This further strengthens the approach of this research and is described in Section 3.2.

The discussion of risk management and the literature review have indicated what banks are supposed to do from a regulatory point of view. However, an empirical investigation is needed in order to reveal what is the common risk management practice in banks. This part is described in Section 3.3. Since the largest banks are expected to have the scope for being most innovative and therefore most indicative of common practice, the empirical investigation addresses the top 100 banks (according to their total assets) in Germany. Finally, one of the biggest challenges may be to find out why banks are doing risk management in a particular way and what their essential requirements are for an approach that aims at an actual management of IS risks, on the one hand, and could also be useful as one of the Advanced Measurement Approaches, on the other. The objectives of this investigation are different from key perspective 2, inasmuch as it focusses on the scope for improvements rather than on the status quo. Therefore, it is covered in Section 3.4.



Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.