The growing importance of digital risk & governance
Valerio Begozzi, Matteo Oldani, Francesca Terrizzano
The aim of the paper is to explain what is meant by Digital Risk & Governance. For this purpose, it is important to retrace the technological evolution of the last few decades: from branches to Mobile Banking, from the digitalization of transactions to the creation of Fintech, from the first process automations to Artificial Intelligence. This evolutionary journey has involved, and still involves, not only the birth of new technologies but also the possibility of seizing new business opportunities and therefore, necessarily, of facing new types of risk, which are not always intuitive or easy to fully understand and manage. In this context, the role of the Regulator is fundamental, not only to give companies the elements for a correct and complete understanding of Digital/ICT Risk, but also to provide guidelines that allow for the construction of an organizational and governance model suitable for gaining awareness of the risk and for assessing, managing and monitoring it. A fundamental role is played by the Digital Operational Resilience Act (DORA), which certainly better defines some aspects that until recently did not have a clear place and, even more importantly, allows these aspects to be included in an organic and holistic framework. Governance and organization are essential in this panorama, as the only functions capable of spreading the risk culture necessary to overcome the silo mentality and to establish the cultural paradigm change essential for managing ICT Risk. Given the breadth of the perimeter generally included under this risk, the paper goes on to underline the most relevant aspects and suggests, in a practical way, the components on which companies should concentrate in order to implement and make usable an all-round management framework: from the identification of critical functions to the importance of having tools capable of certifying the correctness, completeness and quality of the data.
Another high-sounding and closely related theme, which therefore could not fail to be addressed in the paper, is represented by the cyberattack and its impacts on the market. The paper then closes with a theme which, in our opinion, plays an even more stately role than the creation of an overall framework can play: the Digital Strategy, consciously accessible only through a Digital Risk & Governance framework, but which represents the ultimate goal to which companies should aspire.
Year of publication: | 2023 |
---|---|
Authors: | Begozzi, Valerio ; Oldani, Matteo ; Terrizzano, Francesca |
Published in: | Risk management magazine. - Milano : Associazione Italiana Financial Industry Risk Managers (AIFIRM), ISSN 2724-2153, ZDB-ID 3139381-0. - Vol. 18.2023, 2, p. 27-36 |
Subject: | Digital Risk & Governance ; Risk Management ; Risk Management Framework ; Digital Risk ; ICT Risk ; Technological Evolution ; Digitalization ; Operational Resilience ; Cyber Security ; Cyberattack ; DORA ; Digital Operational Resilience Act ; Business Continuity ; Outsourcing ; Data Management ; Data Management Framework ; Organization ; Governance ; Organizational Model ; Governance Framework ; Cultural Paradigm Change ; Digital Strategy ; Business Strategy ; Risikomanagement ; Risk management ; Digitalisierung ; Digitization ; Informationstechnik ; Information technology ; Informationsmanagement ; Information management ; Datensicherheit ; Data security |
freely available
Similar items by subject
- IT-Risiken in Banken : aufsichtliches Rahmenwerk für die digitale Transformation. Hellstern, Gerhard, (2019)
- IT-Governance : Zentraler Erfolgsfaktor für die digitale Transformation. Rentrop, Christopher, (2024)
- Enterprise IT-Governance : unternehmensweite IT-Planung und zentrale IT-Steuerung in der Praxis. Tiemeyer, Ernst, (2023)