Volltext: IT & Finance

Abstract. Recently, new regulations, such as the Sarbanes-Oxley Act and the 
Basel II Capital Accord, have been created in response to the bankruptcy of 
some important economic actors. New risk profiles appeared in the market 
place and those new regulations address them by giving support to the stability 
of the financial and economic system. The burden that might come from the 
regulations could endanger the economic actors' capabilities for innovation. 
However, new risk profiles must also be addressed with business innovation. 
The use of quality goals to express the regulations is advocated in this paper in 
order to enhance both the innovation and the financial and economic stability. 
An example of this method is presented on the Basel II regulation: the 
operational risk management has been translated into an assessment process 
model conformant to the ISO/IEC 15504 standard used in quality management. 
This model is a basis for the integration of the activities done by business 
process managers, risk managers, compliance managers, quality managers, 
business unit managers and IT managers. 
1 Introduction 
An increasing number of new regulations is imposed on financial institutions. Their 
aim is mainly to improve the stability of the national and/or international financial 
system. The most important impact on those institutions is that they have to improve 
their financial reporting system and set up a robust operational risk management 
system. This appears often as costly and burdensome, and might even prevent those 
institutions to increase their profits by introducing innovations into new products or 
new services. 
However, these regulations when implemented by using the adequate tools (ie. 
methods and IT systems) can be seen as opportunities that generate profits. The 
ISO/IEC 15504 standard [8,9] 1s one of such tool that can offer the right level of 
integration between the business unit manager that have the responsibility to generate 
profits, and the other managers that must support her/him in reaching her/his business 
The ISO/IEC 15504 standard focuses the description of the business processes on 
the goals that they have to fulfill instead of their operational details [5]. The standard 
gives also a mechanism allowing an accurate, objective and repeatable measurement 
of the goal fulfillment. When business unit managers have defined their strategic 
business goals, it is easy to refine them into business process goals and, using the 
measurement mechanisms, to also provide performance indicators of the strategic 
business goals. Although the full operational details of the business processes can be 
defined later into specific process implementation task forces, the process goals and 
performance indicators imposes the fulfillment of the strategic business goals. The 
business unit manager can make decisions at the right level of abstraction. Moreover, 
when it is necessary to assess products or services offered by solution providers the 


Sehr geehrte Benutzerin, sehr geehrter Benutzer,

aufgrund der aktuellen Entwicklungen in der Webtechnologie, die im Goobi viewer verwendet wird, unterstützt die Software den von Ihnen verwendeten Browser nicht mehr.

Bitte benutzen Sie einen der folgenden Browser, um diese Seite korrekt darstellen zu können.

Vielen Dank für Ihr Verständnis.