Activity
Identify IT control requirements
Define IT controls ICS
Organisation
Responsible
IT Expert
Consulted
Risk Manager
IT Governance Expert
Input/Output
Input data
IT risks catalogue
IT service documentation
Requirements
Requirements (Basel II)
Data collection
Data quality
Data analysis
Data warehousing
Requirements (SOX)
Section 404: Management Assessment Of Internal Controls
Section 802: Criminal penalties for altering documents
Section 906. Corporate responsibility for financial reports
Section 409: Real Time Issuer Disclosures
Section 403: Disclosures Of Transactions Involving Management And Principal Stockholders.
Section 302: Corporate Responsibility For Financial Reports
Requirements (MIFID)
Article 30 Post-trade transparency requirements for MTFs
Article 13 Organisational requirements
Article 23 Record of services or activities giving rise to detrimental conflict of interest
Article 7 Record-keeping of client orders and decisions to deal
Article 16 Safeguarding of client financial instruments and funds
Article 3 Conditions applying to the provision of information
Article 25 Obligation to uphold integrity of markets, report transactions and maintain records
Article 29 Publication and availability of pre- and post-trade transparency data
Article 8 Record-keeping of transactions
Article 29 Pre-trade transparency requirements for MTFs
Article 46 Execution policy
Article 12 Reporting channels
Article 51 Retention of records
Article 32 Arrangements for making information public