Dr. Beat Liver works as an Enterprise IT Architect at Credit Suisse, where he develops architectures for application and process integration. This includes developing standards and guidelines, leading related pilot and infrastructure projects, carrying out reviews delivering training and consulting projects. Previously, he was working in the Treasury Front Office application development at Credit Suisse in Switzerland in various roles. Before that, he was working in computer and telecommunications R&D.
Multi-national enterprises, like financial services companies, operate large and critical information systems around the globe on a 24/7 basis. In an
information-based business, even a single inadequately designed, implemented, tested and operated business application can put the existence of the
enterprise at risk. For adequately securing the integrity of business critical information and hence ensuring that such information is meaningful, accurate and timely, we present our risk assessment and controls framework: First, we introduce our criticality rating scheme that is based on the
recoverability from integrity failures. For dealing with dependencies among applications, we present our approach based on services given a Service-Oriented Architecture (SOA). Second, we provide an overview of our design-related controls including a data analytics approach to continuously audit the most critical information assets. Finally, we present our learnings from a first implementation of the presented framework.