Activity
Assess risks in IT service(s)
Assess and evaluate IT risks ICS
Organisation
Responsible
IT Expert
Consulted
IT Governance Expert
Input/Output
Input data
Process documentation
IT service documentation
Risk strategy
Output data
IT risks catalogue
Requirements
Requirements (Basel II)
Data warehousing
Data quality
Data collection
Data analysis
Requirements (SOX)
Section 906. Corporate responsibility for financial reports
Section 403: Disclosures Of Transactions Involving Management And Principal Stockholders.
Section 802: Criminal penalties for altering documents
Section 409: Real Time Issuer Disclosures
Section 302: Corporate Responsibility For Financial Reports
Section 404: Management Assessment Of Internal Controls
Requirements (MIFID)
Article 3 Conditions applying to the provision of information
Article 16 Safeguarding of client financial instruments and funds
Article 51 Retention of records
Article 12 Reporting channels
Article 30 Post-trade transparency requirements for MTFs
Article 25 Obligation to uphold integrity of markets, report transactions and maintain records
Article 13 Organisational requirements
Article 23 Record of services or activities giving rise to detrimental conflict of interest
Article 8 Record-keeping of transactions
Article 7 Record-keeping of client orders and decisions to deal
Article 29 Pre-trade transparency requirements for MTFs
Article 29 Publication and availability of pre- and post-trade transparency data
Article 46 Execution policy
Article 32 Arrangements for making information public