Future Roles of CTO & CIO

Financial institutions' management of ICT and security risks is one of the risk areas receiving the most attention in terms of regulation, supervisory surveillance and media coverage.

Traditional IT has moved from being a supportive function to ICT and digital solutions being the very foundation on which many businesses operate. The responsibility for managing ICT and security risks is still placed with the IT department, which results in increased pressure on CTOs and CIOs. Valuable time is being lost on governance, risk management and reviews instead of discussing technical or business progress.

Increased focus on ICT governance 

The upcoming challenge will be to implement and maintain the operational resilience outlined in DORA through the implementation of an integrated framework for managing ICT and security risks. In other words: organizations will need to ensure resources for ICT governance. It is tempting to put this responsibility on existing resources, whether they are CTOs or CIOs. As they are already experiencing an increased workload in today’s digital environment, organizations will need to evaluate if this is a long-term sustainable solution. 

ICT risk management across the financial sector

In recent decades, the use of ICT has gained a pivotal role in finance, assuming critical relevance in the operation of the daily functions of all financial entities. DORA, unlike previous regulations, addresses a wide range of different financial entities in the market. For example, banks, insurance companies and payment service companies have to adhere to DORA. Additionally, other types of firms such as crypto service companies, central securities depositories, central counterparties, investment funds including AIF, crowdfunding, and third parties are also addressed in the regulation. This is the first time that ICT third parties must adhere to financial regulation and formal financial authority reviews.

FCG helps you navigate

FCG has assisted numerous financial service entities in adhering to the EBA and EIOPA ICT and security risk management regulations and prepared them for the introduction of DORA. Furthermore, we have assisted third-party providers with DORA adoption. We believe that if the financial institutions adhere to the EBA or EIOPA regulation, much of the work has already been done and only adjustments are needed. For firms that are not under the EBA or EIOPA regulation, significant adjustments will have to be made to comply with DORA.

Want to find out how FCG can help you?

SWEDEN

Fredrik Ohlsson
Partner Operational risk/ICT

NORWAY

Johan Røthe
Partner & Head of Norway

FINLAND

Timo Tamminen
Partner Operational risk/ICT
