Emerging IT risks: insights from German banking

Ashby, S., Buck, T. , Nöth-Zahn, S. and Peisl, T. (2018) Emerging IT risks: insights from German banking. Geneva Papers on Risk and Insurance - Issues and Practice, 43(2), pp. 180-207. (doi:10.1057/s41288-018-0081-8)

[img]
Preview
Text
160173.pdf - Accepted Version

780kB

Abstract

How do German banks manage the emerging risks stemming from IT innovations such as cyber risk? With a focus on process, roles and responsibilities, field data from ten banks participating in the 2014 ECB stress test were collected by interviewing IT managers, risk managers and external experts. Current procedures for handling emerging risks in German banks were identified from the interviews and analysed, guided by the extant literature. A clear gap was found between enterprise risk management (ERM) as a general approach to risks threatening firms’ objectives and ERM’s neglect of emerging risks, such as those associated with IT innovations. The findings suggest that ERM should be extended towards the collection and sharing of knowledge to allow for an initial understanding and description of emerging risks, as opposed to the traditional ERM approach involving estimates of impact and probability. For example, as cyber risks emerge from an IT innovation, the focus may need to switch towards reducing uncertainty through knowledge acquisition. Since individual managers seldom possess all relevant knowledge of an IT innovation, various stakeholders may need to be involved to exploit their expertise.

Item Type:Articles
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Buck, Professor Trevor
Authors: Ashby, S., Buck, T., Nöth-Zahn, S., and Peisl, T.
College/School:College of Social Sciences > Adam Smith Business School > Management
Journal Name:Geneva Papers on Risk and Insurance - Issues and Practice
Publisher:Springer
ISSN:1018-5895
ISSN (Online):1468-0440
Published Online:28 March 2018
Copyright Holders:Copyright © 2018 The Geneva Association
First Published:First published in Geneva Papers on Risk and Insurance - Issues and Practice 43(2): 180-207
Publisher Policy:Reproduced in accordance with the publisher copyright policy

University Staff: Request a correction | Enlighten Editors: Update this record