Security information management: IT risk has just become easier to manage

Johannesburg, 05 Nov 2004

The Basel Capital Accord (Basel II), drafted in January 2001 by the Basel Committee on Banking Supervision, proposes changes to improve "capital adequacy" (minimal capital requirement), enhance risk measurement and management capabilities - including the somewhat over-debated and discussed operational risk - and promote accurate and transparent reporting.

Currently in its third draft, the accord is expected to be adopted by all major financial regulators and supervisors by 2006.

When looking at the above, it is quite clear that IT is a key role-player and a critical factor in what Basel II ultimately sets out to achieve.

Indeed, technology not only plays an important role in dynamic or active business risk management, but is also itself defined as an operational risk, which should be managed like any other employee or external influence.

And this brings us to security information management (SIM), one of the lesser-known IT risk management enablers. Security data is everywhere and is overwhelming even the most sophisticated security operations today. Therefore, enterprises require true security management that enables them to manage IT risks as they would manage any other business risk.

SIM includes: business relevance and value of IT systems; service and business continuity views based on integrity; availability and risk value; workflow alerting based on job functions; and business risk by aggregated views of systems and business processes.

In short, SIM enables multiple disciplines in the enterprise to manage business risk across the organisation, including the unique forms of risk management practised by legal, auditing, IT operational and planning, and financial departments, among others.

It is said that the current interest (or necessity) in SIM is being driven by a combination of inadequate resources in IT, a lack of tools for automating security event collection and analysis, and security information overload.

And of these, security information overload is the biggest problem facing IT organisations. The offender is the voluminous data collected by security gateways, including IDS, IDS sensors, network routers and firewalls.

The reality is that security information overload is far beyond the capacity of any organisation. Even if you hire enough people to baby-sit every security event, it would still be a total waste of time, energy and money.

Here, SIM solutions succeed where many applications have failed. SIM applications are voracious consumers of whatever event dataset is plugged into them, whether live event data connected to the enterprise or data from any known vulnerability and threat dataset.

SIM systems encompass the asset values of IT resources, looking at management, the business value of these resources and their related processes, the business risk if these assets are threatened, and importantly, the risk to the organisation if IT is compromised.

By focusing on these important elements, SIM solutions help companies move beyond managing technology controls into an active profile for managing business risk.

Although focused in the past on security events, SIM systems now enable IT executives, CFOs, legal departments and internal auditing teams to more easily see and manage tangible risk.

With the new "business views" delivered by SIM, only the most important events need to be attended to and repaired immediately. And in turn, this "business view" of IT enables the various company departments to become more productive, with fewer resources.

CA

Computer Associates International, Inc (NYSE:CA), the world's largest management software company, delivers software and services across operations, security, storage, lifecycle and service management to optimise the performance, reliability and efficiency of enterprise IT environments.

Founded in 1976, CA is headquartered in Islandia, New York, and operates in more than 100 countries. For more information, please visit http://ca.com.

Editorial contacts

Wilhelm Hamman
Computer Associates Africa
(011) 236 9111
Wilhelm.hamman@ca.com