PIB 6.6.1 Guidance
1. IT systems include the computer systems and information technology infrastructure required for the automation of processes and systems, such as application software, operating system software, network infrastructure, and desktop, server and mainframe hardware.
Authorised Firm should consider the following in establishing its systems and controls for the management of IT system risks:
a. governance and oversight controls that ensure technology, including outsourcing arrangements, is aligned with and supportive of the
Authorised Firm's business objectives;
Authorised Firm's organisation and reporting structure for technology operations, including adequacy of senior management oversight; and
c. the appropriateness of the systems acquisition, development and maintenance activities, including the allocation of responsibilities between IT development and operational areas.
Derived from RM111/2012 (Made 15th October 2012). [VER20/12-12]