Basel III

Compliance Solutions

Basel III

Reporting and audit compliance for the banking industry

Basel III is a set of international standards for financial institutions that focus on financial strength and stability. Though targeted at financial risks, Basel III also establishes several principles for internal controls intended to reduce the likelihood of fraud, misappropriation, errors, or misstatements that may involve technology systems.

Servergraph for Basel III

Rocket® Servergraph has robust security controls and backup management capabilities that enable an organization to ensure the availability and integrity of financial data in compliance with Basel III regulations.

 

Relevant criteria and capabilities

Basel III Principles

Rocket Servergraph Professional Capabilities

Principle 6:

An effective internal control system requires that there is appropriate segregation of duties and that personnel are not assigned conflicting responsibilities. Areas of potential conflicts of interest should be identified, minimized, and subject to careful, independent monitoring.

Detailed, customizable permissions can be configured for each user to support the rule of least privilege and segregation of duties.

Reports and alerts can be automatically distributed to any individuals, supporting segregation of duties, and facilitating review and monitoring processes.

Principle 7:

An effective internal control system requires that there are adequate and comprehensive internal financial, operational and compliance data, as well as external market information about events and conditions that are relevant to decision making. Information should be reliable, timely, accessible, and provided in a consistent format.

Servergraph collects information from backup software, hardware, and processes in your environment to document that all data backups are operating in accordance with your organizational policies.

Traps, reports, and alerts are customizable to capture relevant information for all of your backup control requirements.

Backup collection logs and reports are retained within Servergraph for a fully configurable duration to maintain historical evidence.

Principle 8:

An effective internal control system requires that there are reliable information systems in place that cover all significant activities of the bank. These systems, including those that hold and use data in an electronic form, must be secure, monitored independently, and supported by adequate contingency arrangements.

Reports and alerts can be automatically distributed to any individuals, supporting segregation of duties, and facilitating review and monitoring processes.

The Server Monitor feature shows real-time statistics and alerts for backup systems, such as storage utilization and disk capacity.

Aldon for Basel III

Rocket® Aldon Lifecycle Manager is used in the development of systems that a financial institution relies on for financial reporting and stability, thus certain Basel III principles are relevant. Aldon Lifecycle Manager (LMi and LMe) has robust security controls available to enable a company to design and implement controls to satisfy Basel III relevant internal controls principles.

 

Relevant criteria and capabilities

Basel III Principles

Rocket Aldon Lifecycle Manager Capabilities

Principle 6:

An effective internal control system requires that there is appropriate segregation of duties and that personnel are not assigned conflicting responsibilities. Areas of potential conflicts of interest should be identified, minimized, and subject to careful, independent monitoring.

Detailed, customizable permissions can be configured for each user to support the rule of least privilege and segregation of duties.

Reports and alerts can be automatically distributed to any individuals, supporting segregation of duties, and facilitating review and monitoring processes.

The Community Manager module supports automated, system-driven workflows that may include access rights management and review processes.

Principle 7:

An effective internal control system requires that there are adequate and comprehensive internal financial, operational and compliance data, as well as external market information about events and conditions that are relevant to decision making. Information should be reliable, timely, accessible, and provided in a consistent format.

All actions performed within the system, including accessing or modifying data, is logged and auditable.

Reports are available showing all administrative activity performed within the system, including the modification of user access and roles.

Principle 8:

An effective internal control system requires that there are reliable information systems in place that cover all significant activities of the bank. These systems, including those that hold and use data in an electronic form, must be secure, monitored independently, and supported by adequate contingency arrangements.

Aldon Lifecycle Manager and its associated modules (LMI, LMe, CM, and Security Service Manager) support unique user IDs for all individuals accessing the systems.

Passwords are required for users to access each system. LMI also supports integration with IBM i user credentials, and CM supports LDAP integration with Active Directory credentials.

Detailed, customizable role-based access levels allow an organization to define the exact capabilities of each system user. Permissions are granular to support any organization’s business needs according to the rule of least privilege and segregation of duties.

All actions performed within the system, including accessing or modifying data, is logged and auditable.

Reports are available showing all users with their associated access capabilities.

Reports are available showing all administrative activity performed within the system, including the modification of user access and roles.

Questions? Call us: U.S. +1 855-577-4323