Technology Risk Management Guidelines: Enhanced Requirements on Financial Institutions Concerning Technology Risk Governance and Security Controls

Financial Institutions ("FIs") today face the reality that cyber breaches are not a question of 'if', but 'when'. This, coupled with the need to embrace emerging technologies, accelerated digital transformation and more connectivity to third parties, add to the pressure for FIs to manage increasing technology and cyber risks as well as implementing measures to strengthen operational resilience. In view of the evolving cyber threat landscape, the Monetary Authority of Singapore ("MAS") has released the updated Technology Risk Management ("TRM") Guidelines on 18 January 2021. The key impacts to the revised TRM Guidelines include:

• Technology Risk Governance & Oversight - Increased emphasis on the responsibility of the Board of Directors and senior management in oversight and management of technology risk, including designating a technology risk management function.
• Appointment of Key Roles - MAS expects Board and senior management to appoint a Chief Information Officer (CIO), Chief Technology Officer (CTO) or Head of IT; and a Chief Information Security Officer (CISO) or Head of Information Security. These appointments should be minimally approved by the Chief Executive Officer (CEO).
• Third Party Risk Management - Additional requirements are imposed on FIs to assess the risks of engaging third parties, ensure that third parties implement measures to protect data confidentiality & integrity, conduct on due diligence and establish adequate safeguards to manage application programming interfaces (APIs) that communicate with the third parties, etc.
• Cyber Resilience - Emphasis on business and cyber resiliency to better respond to evolving cyber threats. FIs are reminded to adopt a defence-in-depth approach to strengthen cyber resilience.

Join us for a sharing session to explore key highlights of the revised TRM Guidelines and challenges faced by FIs in technology/cyber governance and risk management. The speakers will also discuss industry trends and practices in addressing the proposed regulatory requirements and expectations.

Speakers:

Daryl Pereira, Partner, Head of Cyber Security, KPMG Singapore and Member of IIA Singapore Technical & Technology Committee

Wendy Lim, Director, Cyber Security Consulting, KPMG Singapore

IIA NZ Members Complimentary. To register enter promo code "RISK0605".
The non-member rate will initially be displayed. To enter the promo code, please click 'Proceed to Checkout', confirm your details, and then you will be able to enter the promo code.

Register here.

CPE point : 1

If you have not attended a webinar with IIA Singapore before, you will need to set up a user name and password before registering.