Operational resilience is only half the picture to ensuring robust operations amid a challenging landscape for financial services firms, says leading software provider
According to ITRS Group, considering operational resilience in tandem with operational risk is the key to safeguarding operations and ensuring longevity
London, 5 June 2022: Understanding of the importance of operational resilience has been on the rise the last few years – particularly following the implementation of the FCA’s new operational resilience laws. But according to leading software provider ITRS Group, if firms employ effective operational risk measures, then the need for operational resilience will be largely diminished. As such, in tandem with an operational resilience strategy, firms should also ensure a robust operational risk approach – in an overarching strategy ITRS Group is dubbing O2RM (Operational Risk and Resilience Management).
The proliferation of operational resilience is a vital development, with financial services firms more dependent than ever on increasingly complex, exponentially expanding digital systems post-pandemic. In fact, research by ITRS Group shows that over 80% of financial institutions say their IT environments have changed more in the last 12 months than in their company’s lifespan.
But, according to ITRS Group, while widespread recognition of the importance of operational resilience is vital – and has been a long time coming – it fails to consider other important risk management practices. Operational resilience focuses heavily on what the user is experiencing (and thus reporting to the regulator), encompassing factors such as downtime and business continuity – which is undoubtedly crucial.
However, in their focus on this, many firms are losing sight of the bigger picture. No matter how resilient firms are, there are often unexpected external threats and risks beyond a firm’s control. If they develop a more holistic view that encompasses a focus on potential external risks and their ability to adapt in the face of threats, then there will be much less pressure on their operational resilience strategy performing flawlessly.
Guy Warren, CEO at ITRS Group, comments: “This failure to view operational resilience and risk management in tandem is hugely problematic for businesses, customers and the sector at large, as one simply isn’t possible without the other. Think of it like a game of rugby. You’re almost always going to get tackled and take a fall. From a resilience perspective, you can learn to fall better to minimise impact and get back up as quickly as possible. But you should also definitely be focusing on trying to avoid getting hit in the first place.”
To support firms through their compliance journey, ITRS Group has provided guidance for financial institutions to incorporate better risk management strategies into their operational practices:
1. Ensure robust IT architectural design that takes into consideration all potential failure scenarios thought through and mitigated. This will enable firms to anticipate failures before they actually happen, reducing the failure-disaster recovery cycle.
2. Thorough testing of non-functional requirements, including performance and failure scenarios – just functional testing to see if the software is able to process correctly is not enough.
3. Risk assessed change management, which can be informed by either a strong change risk register or risk change management solutions, which correlate, analyse and deliver actionable IT operations insights from a variety of sources. According to Gartner, 85% of all performance incidents can be traced back to changes – so by capturing risky changes, firms can detect and manage these incidents before they happen.
4. 360 degree, full stack monitoring with an active monitoring tool which can take action to correct incidents before they become problems. Automated monitoring solutions can give firms a full picture of any given IT estate, from legacy to cloud-based systems. This will give them access to information that allows them to mitigate operational, reputational and financial risk, shorten issue detection and resolution time, and comply with operational resilience regulations.
About ITRS Group
ITRS Group ensures operational resilience for enterprises engaged in transforming their IT estate for a digital future, as well as the ongoing health of their on-premise, cloud-based or hybrid IT estate. By transforming the mass of raw data on performance, resource usage, and cost, ITRS Group’s solutions can detect and actively prevent problems and maximise cost efficiency, reassuring enterprises that their IT estates are running effectively. With experience in legacy technologies as well as the dynamic environment of cloud-delivery, agile development, and service-based architecture, ITRS Group’s people and software serve more than 4500 clients across industry markets. As new disruptors, new technologies, and new regulations continue to shape the marketplace and change the expectations of consumers, ITRS Group offers a best-in-class service and is a source of confidence for the always-on enterprise.
For more information, visit www.itrsgroup.com