Technology risk should never stop an institution from embracing digital, but it should add a critical design element as each new project is added. And digital projects always merit C-suite and board consideration of how they change the risk universe.
How can we become confident and trusted entities that are increasingly global while still complying with diverse data privacy and security laws and regulations?
One good news is that the Institute of Big Data Governance (IBDG) in Hong Kong is on track to create a Greater Bay Area cross-border scheme that will give institutions a single certification standard for enabling cross-border data transfers, leveraging Hong Kong as the international big data hub. IBDG is working with EY, governments and regulators, researchers and technology, and business sector leaders including, the major technology giants from US and China, and also the key representatives from the financial services industry. The aim is to allow businesses to have free – yet still approved and controlled – cross-border data flows as cost effectively as possible.
This and other cross-industry data governance developments will eventually simplify at least one aspect of technology risk controls. Institutions can expect to see progress from this initiative in the coming months. At the same time, as leading companies get controls right, the learnings will cascade throughout their respective industries.
Summary
Technology risk will become embedded in the risk universe, with robust controls executives and boards can rely on to make sense of the risks and opportunities they face today and ensure their company’s trust tomorrow and beyond. Until then, technology risk must be at the top of the governance agenda for every digital implementation.