Activity
Evaluate risks for IT service(s)
Assess and evaluate IT risks ICS
Organisation
Responsible
IT Expert
Consulted
IT Governance Expert
Input/Output
Input data
IT risks catalogue
Output data
IT risks catalogue
Requirements
Requirements (Basel II)
Data quality
Data collection
Data analysis
Data warehousing
Requirements (SOX)
Section 403: Disclosures Of Transactions Involving Management And Principal Stockholders.
Section 302: Corporate Responsibility For Financial Reports
Section 404: Management Assessment Of Internal Controls
Section 409: Real Time Issuer Disclosures
Section 802: Criminal penalties for altering documents
Section 906. Corporate responsibility for financial reports
Requirements (MIFID)
Article 29 Publication and availability of pre- and post-trade transparency data
Article 51 Retention of records
Article 12 Reporting channels
Article 30 Post-trade transparency requirements for MTFs
Article 25 Obligation to uphold integrity of markets, report transactions and maintain records
Article 7 Record-keeping of client orders and decisions to deal
Article 13 Organisational requirements
Article 29 Pre-trade transparency requirements for MTFs
Article 3 Conditions applying to the provision of information
Article 16 Safeguarding of client financial instruments and funds
Article 23 Record of services or activities giving rise to detrimental conflict of interest
Article 46 Execution policy
Article 32 Arrangements for making information public
Article 8 Record-keeping of transactions