Enterprise Risk – Issue 3
Issue 3 of "Enterprise Risk" – the quarterly magazine compiled by Enterprise Risk Services, is officially published in March 2011. The magazine brings together Deloitte ERS's leading knowledge, experience and distinctive insights through years of professional services in the area of enterprise risk, focusing on helping companies understand and exchange risk related topics and setting forth Deloitte's professional opinions.
This issue, under the theme "Information Technology Risk", covers the following:
Information system risk: Thoughts on the essential foundation of contemporary business infrastructure
With the extensive application of information technology, businesses are increasingly concerned about the risks it may pose and have taken positive measures in response. This issue focuses on how to manage and cope with risks associated with applying information technology with major topics including the following:
- Great leap forward in information risk management - Experience sharing of information risk management with the Land Bank of Taiwan
In recent years, the international economic environment and the overall situation of financial markets are going through periods of decline and extreme volatility against the global financial tsunami. The banking industry is competing fiercely in diversified business sectors and the global market. Against the macro and micro backgrounds, a bank is facing an increasingly complicated operating environment and a growing concern of high risks associated. Drawing upon the insight from our interview with the Director of Information Sector of Land Bank of Taiwan, Chen Yihong, the article expresses a solid understanding of the risks and challenges facing the information sector and his perspective of how to realize company growth plan by curtailing negative factors which will result in less profit or profit loss from the view of information control.
- 2010 Global Security Survey
Close to 1000 companies (actually 963) in 45 countries around the world participated in this survey. The report combines the insight from Deloitte Information and Technology Risk Services professionals and Information Technology executives of top global FSIs, and the practical experience of global security risk control experts, providing an understanding of the status quo of the management of risks related to information security and the presenting challenges. The findings are included in this issue.
- Enterprise security: A look at a risk-intelligent security system (FIBER-reinforced version)
Deloitte’s FIBER is a practical enterprise security risk management system, which can be used to protect all the five major asset classes of an organization - Facility, Information, Business, Employee, and Reputation. This reinforced security system includes physical security, personnel security, information security mechanisms; crisis management and business continuity strategies.
- Controlling and managing IT risks to enhance and elevate IT value
At the first "Annual Conference of Information Technology Risk Management in China's Banking Industry" held on 27 October 2010, Tonny Xue, Deloitte China's Enterprise Risk Services Partner, shared his insight on how controlling and managing IT risks can help companies enhance and elevate IT value. He expressed his views on how to identify and assess risks in relation to information technology, and how to enhance the value of information technology in the banking industry through a series of effective mechanisms as well as reasonable and scientific countermeasures - a new challenge faced by banks in developing information system and the overall risk management. This article is the transcript of his speech.
- Strengthening risk management of e-Banking to improve a secure customer experience
In recent years, cyber crimes relating to e-Banking have exerted a great impact on the business of commercial banking and presented an increasingly severe security challenge. As a result, enhancing the security and risk management of e-Banking transactions has become the top priority of many commercial banks.
Research: Best practices for IT Infrastructure Library (ITIL) information service management
ITIL (IT Infrastructure Library) is an information management practice with 20 years' development, and is adopted by the IT industry quickly as a standard to manage increasingly complex IT environment. This article describes the concept, benefits and import methods, with examples included.
Internal control practices
In this issue we look at "Sales II: Sales recognition and account receivable collection".
"Winning - 4th edition".
Risk management terminology
In this issue, the featured phrase related to risk and control is "Business Continuity Management."