金融软件系统建设参考资料/PDF/英文版

Ernie Jordan and Luke Silcock
Published in 2005 by John Wiley & Sons Ltd

Contents

About the authors ix
Foreword xi
Acknowledgements xiii

1 Thriving on risk 1

  The challenge 2
  Complications and deficiencies 3
  The cure for your IT risk headache 6

2 IT governance framework 19

  Different approaches to governance 22
  Building a framework for your organization 35
  Design and implementation issues 38
  Case study: Aventis 42

3 IT risk portfolio 45

  Introducing the IT risk portfolio 45
  Implementing an IT risk management capability 60
  Health check 66
  Case study: European fleet management services provider 67

4 Projects 71

  The impact of project failure 73
  Organizational, program and project views of risk 78
  Understanding IT project risk factors 82
  Alternative philosophies for delivery assurance 95
  Identifying, reporting and managing project risks 97
  Health check 103
  Case study: Agility 104

5 IT services 107

  IT service failures that impact your business 109
  Planning and preparation 113
  Implementing IT service continuity 117
  Health check 122
  Case study: Police service 123

6 Information assets 125

  Accessing your information assets 126
  The impacts of information asset exploitation 127
  The impacts of degraded information assets 129
  The dimensions of security 132
  Implementing information asset management 138
  Health check 149
  Case study: Investment management 150

7 IT service providers and vendors 153

  The dimensions of service provider failure 154
  The dimensions of vendor failure 163
  Managing service provider risk 165
  Managing multiple IT service providers 174
  New and emerging risks in IT service provision 176
  Health check 179
  Case study: Financial services 180

8 Applications 183

  The impacts of IT application failure on your business 184
  The evolution of IT application risk 189
  IT application risk profiles 192
  Software assets and liabilities 195
  The lifecycle approach to managing risks 198
  Health check 201
  Case study: Leading water company 203

9 Infrastructure 205

  How IT infrastructure failure impacts your business 206
  IT infrastructure’s evolving risks 212
  Moving towards  ‘set and forget’ 214
  De-risking infrastructure transformation 216
  Health check 217
  Case study: GCHQ 218

10 Strategic and emergent 221

  The impact of IT failing to support the execution of
  your business strategy 222
  Driving shareholder value through IT-enabled business change 227
  The influence of your IT capability on business capability 230
  Health check 232
  Case study: Egg 233

11 IT and other enterprise risks 235

  Relating the IT risk portfolio to other types of enterprise risk 235
  Supporting risk-based management with IT 245
  The dependence of IT risk management on broader
  enterprise competencies 248
  In conclusion 251

Appendix 1: Review checklists 253
References 261
Index 271