Roles and Responsibilities
A financial institution's board of directors and senior management are responsible for overseeing a safe and sound IT operating environment that supports the institution's goals and objectives. The institution's responsibilities apply to centralized and decentralized operations centers, including those located within lines of business; functional operations; affiliates under the enterprise umbrella; and outsourcing arrangements.
Key elements of these responsibilities include:
- Implementing an IT operational organization structure suitable to supporting the business activities of the institution;
- Documenting the systems in place, and understanding how these systems support the associated business processes;
- Establishing and supporting an appropriate control environment through risk identification, assessment, management, and monitoring;
- Creating a physically and logically secure operating environment;
- Providing for operational continuity and resiliency;
- Providing for adequate staffing and personnel selection, succession, and training; and
- Using qualified consultants and external auditors, when necessary.
Board of Directors and Senior Management