SBP Drafts Framework for IT Governance in Banks. The State Bank of Pakistan (SBP) has issued a draft framework on IT governance and risk management. It will work as instructions for banks and other financial institutions.
The framework issued is based on international standards and known principles of international practice. It will be helpful for technology governance and risk management. And shall help as SBP’s base-line requirement for all Financial Institutions (FIs).
SBP Drafts Framework for IT Governance in Banks
“It aims to provide enabling regulatory environment for managing risks associated with use of technology.”
Said the SBP.
Other than this, the scheme will apply to all FIs. That includes commercial banks (public and private sector banks), Islamic banks, Development Finance Institutions (DFIs), and Microfinance Banks.
SBP further added that:
“The framework is not one-size- fits-all and the implementation of the same will be risk-based. And commensurate with size, nature and types of products and services and complexity of IT operations of the individual financial institutions.”
The instructions are focused on upgrading the proactive and reactive environments in FIs to different facets and dimensions of the information technology, security, operations, audit and related domains. And to create overall safe and secure technology operations in FIs which will assist and augment the confidence of all the stakeholders.
FIs will be helpful in assessing and conducting gap analysis between their present status and the guidelines. And draw a time-bound action plan to address the loopholes and comply with the guidelines.
Interested parties, institutions or individuals, from banking sector, IT industry, academia and other stakeholders are welcomed by SBP to review the Draft framework.
They can give their feedback or comments at: EITGF@sbp.org.pk till March 31, 2017.