Project Risk Management: Banking Information System Analysis

Verified

Added on 2022/11/23

AI Summary

This report presents a comprehensive risk management plan designed for a banking information management system within a local bank. It begins with an introduction to project risk management, emphasizing the importance of collaborative risk assessment between the bank and the project team. The report identifies various risk categories, including force majeure, country risk, foreign policy risk, legal risk, and macroeconomic risk, alongside the severity matrix. It outlines risk mitigation strategies, focusing on data backup, system security, and communication plans. The report discusses risk monitoring, emphasizing the need for daily, weekly, and monthly checks. A detailed communication plan is presented, outlining stakeholder strategies, communication methods, and potential outcomes. The report concludes by advocating for an integrated risk management system that can identify, evaluate, control, and monitor all types of risks to ensure the generation of income while minimizing risks.

1
Name:
Course
Professor’s name
University name
City, State
Date of submission

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

2
Introduction: Project Risk Management
This is a project risk management for a banking information management system for a local
bank.
Risk Assessment
1. Identification
This work should be carried out jointly and interactively: the customer with the performer. In
this regard, it is useful if the project of implementing an ERP system is preceded by a stage of
business diagnostics or the development of an IT strategy, since already in advance some of
the most important risks can be identified and taken into account (Bessis, 2015).
Risk management concepts in banks
For a bank, risk is the potential for loss of income or a decrease in the market value of a
bank’s capital due to the adverse effects of external or internal factors. Such losses can be
direct (loss of income or capital) or indirect (imposing restrictions on the ability to achieve
their business goals). These restrictions restrain the ability of the bank to carry out its current
activities or to use opportunities for business expansion. The risk identification process
occurred when the bank was changing its core management operation systems to a new
project. The people involved were the project managers, project team members and the bank
employees for checking how strong the system is and its risks identified (Burtonshaw-Gunn,
2017).
Among the large number of external risks can be identified five main groups:

3
1. risk of force majeure - associated with the occurrence of unforeseen circumstances
that adversely affect the activities of the bank and / or its partners (natural disasters,
etc.);
2. country risk - associated with the possibility of adverse conditions for the bank in the
political, legal, economic sphere of the country in which the bank operates;
3. foreign policy risk - due to changes in international relations, as well as the political
situation in one of the countries that affect the activities of a bank or its partners
(wars, international scandals)
4. legal risk - associated with changes in legislation of different countries (Gambetta,
Zorio-Grima, and García-Benau, 2015).
5. Macroeconomic risk - arises due to adverse changes in the situation in individual
markets or the entire economic situation as a whole (economic crisis). Separately, it is
necessary to single out a component of macroeconomic risk - inflation risk associated
with the possible loss of the initial value of assets.
2. Analysis and Evaluation
Risk management decisions may include, in particular, risk avoidance: failure to accept it; its
minimization, including due to mitigating factors and / or transfer (transfer) of risk to other
persons (through derivatives or insurance), setting limits on bank exposure and other methods
of influencing the risk (risk carrier) or the level of bank vulnerability to it .Consider the
basics of the methodological foundations of risk analysis and management in the
implementation of the key stage of building an information system, a project to implement an
enterprise management information system (Larson,. and Gray, 2017).

4
Risk
Severity
Matrix
S
e
v
e
r
I
t
y
Insignificant
Low
High
Catastrophic
Likelihood
Remote
Likely Very
likely
Probable

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

5
The severity matrix of the risk according to their likelihood of occurrence include;
1. Financial risk
2. risk of force majeure - associated with the occurrence of unforeseen circumstances
that adversely affect the activities of the bank and / or its partners (natural disasters,
etc.);
3. Macroeconomic risk - Separately, it is necessary to single out a component of
macroeconomic risk - inflation risk associated with the possible loss of the initial
value of assets.
4. country risk - associated with the possibility of adverse conditions for the bank in the
political, legal, economic sphere of the country in which the bank operates;
5. foreign policy risk - due to changes in international relations, as well as the political
situation in
6. legal risk - associated with changes in legislation of different countries;
3. Risk Mitigation
Consider the nature of risk, determine its role and place in entrepreneurship, analyze and
summarize the theoretical and methodological approaches in risk management. Explore the
role of information and knowledge in the modern economic life of society, their place in the
process of managing the company and corporate risks (Hillson, and Murray-Webster, 2017).
System/data
Type of data –
spreadsheet,
email,
payroll
Frequency of backup
Daily/weekly/monthly
Backup
/location
USB/extra hard
Person
Responsible

6
systems drive/online –
indicate where
they can be
located
Financial
Data system
Daily Bank
servers
Company IT
manager
Customer
information
system
Daily Bank
integrated
management
information
system/ Hard
drive
Company IT
manager/
Operations
directors
Bank security
system
Monthly USB Security manager
4. Risk Monitoring
In the first part of the course work, the theoretical and methodological aspects of the
automation of risk management of the introduction of an enterprise management information
system are considered: the concept, essence, classification, methods and steps of assessing
the financial risks of a bank.
After the initial identification of risks, it is necessary to assess their relative importance. The
probability of its occurrence, from negligible to significant and the consequences for the

7
project, from minor to catastrophic, when the project is forced to stop. Each of these
parameters is estimated on the basis of expert opinion, and the significance of the risk is
directly proportional to the magnitude of the likelihood and consequences (Mishra, and
Naidu, 2016).
The risks should be monitored daily , weekly and monthly.
5. Communication Plan
The agreed project participants and the prioritized list of risks are then used as input data to
develop a set of measures aimed at reducing the impact of risks that have a significance
above a certain threshold (you just have to put up with some risks). Here the experience of
the consultant is used to select the most appropriate solutions. Part of the project risks can be
reduced by following the relevant standards and methodologies for the implementation of
information system implementation projects (UK, A.M.S., Mukhtar, and UK, 2018).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

8
Audience
Stakeholde
r
Strategy/
action to be
inform
Method of
Communication
Responsible Timeframe Potential
Outcome
(as training)
Bank
employees
e-mail 1 day Risk
awareness
Project team
members
e-mail 30 days More
information
on the
system
Customers Text messages/
e-mail/ AGM
result book
30 days Risk
awareness
Security /
regulatory
bodies
e-mail/ formal
letter
2 weeks More
regulatory
measures
Risk management should occur at the level of the organization where the risk arises, as well
as with the help of independent risk checking and control functions at the highest levels of
management and at the level of the supervisory board.

9
Communications Plan Checklist
Element Action Outcomes Responsibility
Assigned to:
Anticipate the crisis Hold a team brainstorming
exercise to workshop likely
crisis. Can also be informed
by risk matrix
Crisis Response Plan
generated
Communication
manager
Identify / appoint your
crisis
communication team
Owner / manager and senior
personnel. Depending on
scale of business, may
include engaging / retaining
external expertise
Clear identification of
responsibility for crisis
communications
Scheduling of scenario
days (annually) as core
crisis preparation
activity
Communication
team
Train spokespeople Ensure all delegated staff are
trained in media
management and response
If a small business, consider
extending training to all staff
– a particularly front line
hospitality / retail staff most
likely to be approached ad
hoc for comment
Media ready staff
Protection of brand via
appropriate media
response
Training
manager
Establish monitoring /
notification systems Consolidate databases and
document platform /
channels to be used to reach
all relevant stakeholders –
mobile numbers for SMS
alerts, social media channels,
web administration, etc.
Crisis ready
communication
systems
Systems control
manager
Developing holding
statements
Develop crisis ready
statements based on
identified scenarios
Consistent, clear and
accurate dissemination
of information
Development
manager
Assessment Conduct situation analysis
during and post crisis to
inform messaging
Adaptive / responsive
messaging that is
accurate and up to
date reflecting the
latest set of
Operations
manager

10
circumstances
Review Post crisis, stage debrief to
identify
enhancements/inclusions
A robust plan Operations
manager
Conclusion
Banks should try to create an integrated risk management system that would ensure a reliable
process of identifying, evaluating, controlling and monitoring all types of risk at all levels of
the organization, including taking into account the mutual influence of various categories of
risks, and would also help solve the problem of conflict between the need to generate income
and minimize risks (see Organizational and functional support of risk management in banks
(Waemustafa, and Sukri, 2016).
References
Bessis, J., 2015. Risk management in banking. John Wiley & Sons.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

11
Burtonshaw-Gunn, S.A., 2017. Risk and financial management in construction. Routledge.
Gambetta, N., Zorio-Grima, A. and García-Benau, M.A., 2015. Complaints management and
bank risk profile. Journal of business research, 68(7), pp.1599-1601.
Hillson, D. and Murray-Webster, R., 2017. Understanding and managing risk attitude.
Routledge.
Larson, E.W. and Gray, C.F., 2017. Project management: The managerial process. McGraw-
Hill Education.
Mishra, U. and Naidu, M.P., 2016. A Study on credit risk management and appraisal process
at Punjab national bank, Nagpur. International Journal of Multifaceted and Multilingual
Studies, 3(2), pp.1-9.
UK, A.M.S., Mukhtar, A. and UK, M.F.S., 2018. The long-term relationship between
enterprise risk management and bank performance: the missing link in Nigeria.
Waemustafa, W. and Sukri, S., 2016. Systematic and unsystematic risk determinants of
liquidity risk between Islamic and conventional banks.