sac证券期货经营机构信息技术治理工作指引(试行)(Sac securities and futures business institutions of information technology management guidelines (Trial))
Guidelines for the management of information technology in Securities and futures institutions (Trial)
Chapter 1 General Provisions
The first is to strengthen the securities and futures business institutions of information technology and management standard, improve the governance structure of the organization, improve the securities and futures business institutions of information technology management level, to ensure the security of information system operation, these guidelines are formulated.
Second information technology management (IT Management) refers to the use of information technology (hereinafter referred to as IT) in the process of making the IT decision right allocation and accountability framework, including the principle of the IT, IT architecture, IT infrastructure
Application of IT, application and IT into the 5 aspects of the development of the relevant system and establish an effective working mechanism, effective control and allocation IT decision responsibility and power, improve the effectiveness, safety and availability of IT resources.
The third IT governance is an important part of corporate governance, IT ability is one of the core competitiveness of
securities and futures business institutions, effective IT governance can continue to consolidate and enhance IT capabilities. Securities and futures institutions should be established
Effective IT governance mechanism, keep IT consistent with business objectives, make rational use of IT resources, effectively manage IT risk, ensure the construction and operation of information system safe, efficient and stable.
These fourth guidelines are applicable to securities and futures institutions, including securities companies, fund management companies and Futures Company (hereinafter referred to as companies). The IT governance of wholly owned subsidiary can be integrated into the parent company.
The second chapter, IT principle and governance goal
The fifth company should make clear IT principle. IT principle refers to the basic idea of using IT to achieve business goals, and makes clear provisions on the role of IT in the operation of the company and IT investment.
The sixth companies should formulate IT governance goals according to their business plans, and use IT to enhance the core competitiveness of the company, so that the company will get more profits from IT investment. IT governance objectives should include:
(1) making clear the power and responsibility of IT decision making;
(two) achieve effective matching of technology and business;
(three) to realize the optimal allocation of IT resources;
(four) IT risk can be managed and controlled.
Seventh the company shall make public governance IT process and feasible, clear link between the establishment of the company business and IT framework, to take effective measures to make the management of the company and the relevant departments and personnel to understand the IT principle and the goal of governance of identification with company.
Eighth companies should make IT plan according to their development needs. IT planning should be consistent with the development of the company, in line with the company's operating requirements for the IT, and enable the technology and business departments to correctly understand and grasp th
e company's requirements for IT.
Ninth companies in the formulation of IT planning, apply for the relevant business departments, financial management departments and internal control departments opinions, and report to the management of the company approved the implementation.
The tenth IT plan should meet the industry and company predictable business development requirements in terms of effectiveness, availability and safety, and make provision for capacity, performance and security.
The third chapter, IT governance organization and working mechanism
governanceThe eleventh company is the main responsibility of IT system construction, management and safety operation, the company should establish IT management organization and effective working mechanism, effective authorization and control IT decision, to establish the responsibility mechanism of IT decision-making, implementation and supervision through the establishment of related system.
The twelfth companies should establish a unified and coordinated IT governance mechanism in the headquarters, branches and wholly owned subsidiaries, and the lower level should be subordinated to the higher level.
Ultimately responsible general manager of the thirteenth company of IT governance effectiveness and safety of IT, the company shall appoint senior management personnel with IT professional work experience as the direct responsibility of company governance and the establishment of IT, director of IT or other similar positions IT full-time person in charge.
Fourteenth companies should set up IT governance committee or similar institutions, responsible for corporate IT governance. The IT Governance Committee is responsible to the management of the company,
The company management should provide the necessary system and mechanism guarantee for the IT Governance Committee to perform
its duties and perform its functions and powers.
IT governance is directly responsible, fifteenth IT IT, director of Corporate Governance Committee shall be responsible for the relevant business department IT responsible person, the person in charge of finance, as well as the person in charge of internal control part of the technical backbone and staff, the IT staff ratio should be above 30%. The company may hire outside professionals as members or consultants.
The sixteenth IT Governance Committee should establish a clear working system. At least one meeting is held every quarter or a temporary committee meeting is held as required.
The seventeenth IT Governance Committee shall perform the following duties:
(1) draw up corporate IT governance objectives and IT governance work plan;
(two) review the IT development plan of the company;
(three) review the company's annual IT work plan and IT budget;
(four) reviewing the project approval, investment and priority of the major IT projects;
(five) examine the company IT management system and important processes;

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。