IT Control Objectives for Basel II - The Importance of Governance and Risk Management for Compliance

IT Control Objectives for Basel II provides a framework for managing operational and information risk in the context of Basel II. It presents an outline of risk under Basel II, the links between operational risk and IT risk, and an approach for managing information risk. This document addresses three groups information risk managers, IT practitioners and financial services experts. The executive summary states that financial services organizations using the framework presented are able to apply recognized IT control objectives and management processes to address the role of IT in operational risk.

The book introduces the relevant concepts of governance, risk management and compliance (GRC), outlines the pressures that are intensifying the regulatory focus and describes the approach to risk management as defined in the Basel II framework.