IT risk management

The challenge

As the complexity and speed of change in the technology ecosystem for financial services increase, so do the risks involved.

Unprecedented investment in digital capabilities and emerging technologies, together with continued customer and market-impacting technology failures, have driven regulators to enforce even tighter rules of engagement.

As a result, firms are increasingly challenged on their ability to understand, manage and mitigate risk exposures, with regulators asking that additional capital be held where firms are unable to demonstrate this. Simultaneously, unprecedented levels of complex technology change have increased the need for assurance over outcomes, whilst the pressure to curb or reduce costs remains.

The right solutions and capability will enable organisations to:

  • ensure that IT Risk practices are ‘fit for purpose’ and factor in future requirements and emerging technologies;
  • achieve a resilient business where risk appetite is clearly defined and understood; and
  • provide a proportionate response to technology risk in an environment of competing pressures, cost and regulation.

Our services

Failures to core systems undermine confidence in financial institutions and are detrimental to customer outcomes and market integrity. As complexity and connectivity increases, so does risk. We help businesses understand, identify and manage these technology risk exposures, the impact to critical functions, and business interactions with markets and customers.

IT risk

Technology risk management services support our clients in establishing, improving and embedding effective technology risk functions and improve oversight. The service focuses on the core responsibilities for technology risk functions across the lines of defence (LoD) and includes:

  • Risk governance, appetite and reporting
  • Risk identification, assessment and mitigation
  • Risk reduction and response
  • IT risk management automation
  • Managed services for IT risk

View more

IT resilience

We support our clients in maintaining a robust control environment that identifies and mitigates operational resilience risks. The service focuses on helping clients to define and execute a holistic, risk led approach to identify, prioritise and protect critical services and includes:

  • Assessing end-to-end IT service resilience and delivery capabilities
  • Translating regulatory expectations into operational requirements
  • Technology and business risk alignment
  • Incident response and root cause analysis
  • Remediation planning and execution
  • BCM/ITDR managed services

View more

Strategy and transformation

Helping organisations control agile and waterfall programmes as well as wider transformations resulting from cloud migration and use of DevOps. This includes:

  • Portfolio analysis and programme health checks
  • Stage gate reviews
  • Deep dives
  • Quality closure testing
  • Integrated ‘continuous’ assurance

View more

Emerging technology

Understanding the risks around new technologies and using bespoke frameworks to assure the design and implementation of Blockchain and Artificial Intelligence technology. This service provides:

  • Cloud computing and transformation assurance
  • Artificial Intelligence and emerging technology risk frameworks
  • Blockchain assurance
  • Assurance over agile and devops methodologies

View more

Digital integration

GRC (Governance, Risk and Compliance) technology services support our clients in enhancing their lines of defence, improving risk awareness and reducing the level of manual effort required to gather risk information for critical investment and prioritisation decisions. The service focuses on:

  • Creating the strategy and vision for LoD
  • Automation, supporting vendor selection
  • Coordinating and driving implementation
  • Supporting transformation to expand and/or integrate risk intelligence solutions.

View more

Explore how else we can help you with business-led technology transformation

Navigate risk and regulation in financial services

Services

Find out more

Accelerate digital transformation in financial services

Services

Find out more

{{filterContent.facetedTitle}}

{{contentList.dataService.numberHits}} {{contentList.dataService.numberHits == 1 ? 'result' : 'results'}}
{{contentList.loadingText}}

Contact us

David Lukeman

Partner and FS IT Risk & Resilience Leader, PwC United Kingdom

Tel: +44 (0)7801 227259

David Bettesworth

Partner, PwC United Kingdom

Tel: +44 (0) 7764 958 594

Simon Chard

Partner, PwC United Kingdom

Tel: +44 (0)7740 241051

Follow us