Emerging IT risks : insights from German banking
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.loc.gov/MARC21/slim http://www.loc.gov/standards/marcxml/schema/MARC21slim.xsd">
<record>
<leader>00000cab a2200000 4500</leader>
<controlfield tag="001">MAP20180014659</controlfield>
<controlfield tag="003">MAP</controlfield>
<controlfield tag="005">20180525131630.0</controlfield>
<controlfield tag="008">180516e20180402esp|||p |0|||b|spa d</controlfield>
<datafield tag="040" ind1=" " ind2=" ">
<subfield code="a">MAP</subfield>
<subfield code="b">spa</subfield>
<subfield code="d">MAP</subfield>
</datafield>
<datafield tag="084" ind1=" " ind2=" ">
<subfield code="a">7</subfield>
</datafield>
<datafield tag="245" ind1="0" ind2="0">
<subfield code="a">Emerging IT risks</subfield>
<subfield code="b">: insights from German banking</subfield>
<subfield code="c">Simon Ashby... [et al.]</subfield>
</datafield>
<datafield tag="520" ind1=" " ind2=" ">
<subfield code="a">How do German banks manage the emerging risks stemming from IT innovations such as cyber risk? With a focus on process, roles and responsibilities, field data from ten banks participating in the 2014 ECB stress test were collected by interviewing IT managers, risk managers and external experts. Current procedures for handling emerging risks in German banks were identified from the interviews and analysed, guided by the extant literature. A clear gap was found between enterprise risk management (ERM) as a general approach to risks threatening firms' objectives and ERM's neglect of emerging risks, such as those associated with IT innovations. The findings suggest that ERM should be extended towards the collection and sharing of knowledge to allow for an initial understanding and description of emerging risks, as opposed to the traditional ERM approach involving estimates of impact and probability. For example, as cyber risks emerge from an IT innovation, the focus may need to switch towards reducing uncertainty through knowledge acquisition. Since individual managers seldom possess all relevant knowledge of an IT innovation, various stakeholders may need to be involved to exploit their expertise</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20160007633</subfield>
<subfield code="a">Ciberriesgos</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080591182</subfield>
<subfield code="a">Gerencia de riesgos</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080536534</subfield>
<subfield code="a">ERM</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20100017982</subfield>
<subfield code="a">Riesgos emergentes</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080587628</subfield>
<subfield code="a">Riesgo tecnológico</subfield>
</datafield>
<datafield tag="650" ind1=" " ind2="4">
<subfield code="0">MAPA20080623791</subfield>
<subfield code="a">Tecnología de la información</subfield>
</datafield>
<datafield tag="651" ind1=" " ind2="1">
<subfield code="0">MAPA20080637996</subfield>
<subfield code="a">Alemania</subfield>
</datafield>
<datafield tag="700" ind1="1" ind2=" ">
<subfield code="0">MAPA20110022075</subfield>
<subfield code="a">Ashby, Simon</subfield>
</datafield>
<datafield tag="773" ind1="0" ind2=" ">
<subfield code="w">MAP20077100215</subfield>
<subfield code="t">Geneva papers on risk and insurance : issues and practice</subfield>
<subfield code="d">Geneva : The Geneva Association, 1976-</subfield>
<subfield code="x">1018-5895</subfield>
<subfield code="g">02/04/2018 Volumen 43 Número 2 - abril 2018 , p. 180-207</subfield>
</datafield>
</record>
</collection>