Roles and Responsibilities

Action Summary

A financial institution's board of directors and senior management are responsible for overseeing a safe and sound IT operating environment that supports the institution's goals and objectives. The institution's responsibilities apply to centralized and decentralized operations centers, including those located within lines of business; functional operations; affiliates under the enterprise umbrella; and outsourcing arrangements.

Key elements of these responsibilities include:

  • Implementing an IT operational organization structure suitable to supporting the business activities of the institution;
  • Documenting the systems in place, and understanding how these systems support the associated business processes;
  • Establishing and supporting an appropriate control environment through risk identification, assessment, management, and monitoring;
  • Creating a physically and logically secure operating environment;
  • Providing for operational continuity and resiliency;
  • Providing for adequate staffing and personnel selection,¬†succession, and training; and
  • Using qualified consultants and external auditors, when necessary.



Previous Section
Next Section
Board of Directors and Senior Management