What is a useful definition to use when trying to identity and manage an Enterprise's Critical IT systems in the context of a financial services industry?  What dimensions or questions should be considered to "score" and arrive at an objective assessment of whether a system should be regarded as critical?

4.4k views3 Upvotes8 Comments

IT Analyst in Software, 51 - 200 employees
In the financial services industry, critical IT systems are those that are vital to core operations and can significantly impact business, customers, financial stability, or regulatory compliance if disrupted. To assess their criticality, consider factors like business impact, regulatory requirements, data sensitivity, dependencies, recovery objectives, historical performance, and stakeholder input. A comprehensive evaluation based on these dimensions can help objectively identify and manage critical IT systems.
1 Reply
Enterprise Architect in Finance (non-banking), 201 - 500 employees

thanks for your thoughts Hemant.  Any thoughts on how time/duration should be brought into the consideration?  E.g. an outside of some capabilities for a few hours may be tolerable, however eventually they have a major impact.

IT Manager in Transportation, 10,001+ employees
You should focus on few categories:

Impact Analysis.
Regulatory Importance.
Business Continuity.
Data Sensitivity.
Testing and Monitoring.
Recovery and Contingency Planning.
Board and Executive Oversight.
Third-Party Risks.

In each category think about potential requirements in case of issues and how would you react to them. 

Example questions: 
What is the Financial Impact?
Will we have a Compliance issues?
What types of data is stored on critical systems?
1 Reply
Enterprise Architect in Finance (non-banking), 201 - 500 employees

thank you Przemyslaw

System Engineer in IT Services, 501 - 1,000 employees
In the financial services industry, identifying and managing critical IT systems is vital for stability and security. To define and assess criticality objectively, consider factors like financial impact, regulatory compliance, customer impact, operational dependence, data security, interconnectedness, and more. Assign weights to these factors, score them, and prioritize resources based on the cumulative score to ensure proper management and protection of critical IT systems.
IT Analyst in IT Services, 10,001+ employees
Financial Services companies are a key to the overall financial system and in order to ensure they have robust controls and standards, they operate on a number of key financial systems which they also at times term as core systems. These core systems not only act as a database of the financial companies but also act as a record keeping tools for their business. A number of such tools are also used to ensure the regulatory and compliance requirements of the industry and the jurisdiction where they do business, is met. These companies will have a technique called 'Business Impact Analysis' which will list down all these key systems which are critical and also includes the turn around time for these systems in case of disruption. Another important question to consider is within what time these critical systems should be resumed back. Some would have 1-4 hours SLA while some less critical would have 12-24 hours SLA.
IT Analyst in Media, 1,001 - 5,000 employees
You can have business continuity plan in align and also proper governance of data usages.
System Operation Manager in Finance (non-banking), 501 - 1,000 employees
Today I see security has highly score objective for financial service industry. It very important to secure the data of customer along with other information of organization.

Content you might like

Yes - Maine did the right thing. There are too many security risks with free versions of these tools. Not enough copyright or privacy protections of data.30%

No, but.... - You must have good security and privacy policies in place for ChatGPT (and other GenAI apps). My organization has policies and meaningful ways to enforce those policies and procedures for staff.53%

No - Bans simply don't work. Even without policies, this action hurts innovation and sends the wrong message to staff and the world about our organization.12%

I'm not sure. This action by Maine makes me think. Let me get back to you in a few weeks (or months).3%


9.9k views9 Upvotes1 Comment

Open AI (Game Changer: adoption w/ChatGPT)40%

Google (Game Changer: inventor of Transformers, Bard)20%

Microsoft (Game Changer: real time BingGPT+Search plus enterprise enablement)18%

Meta (Game Changer: LLM that can run on single GPU)7%

Amazon (Game Changer: TBD)4%

X.AI / Elon Musk (Game Changer: TBD)3%

Baidu (Chinese tech giant, with GPT version released in March)3%

Someone completely new5%


28k views89 Upvotes14 Comments