Do you understand your cloud software vendor’s risk management processes?

Asset managers need to procure cloud systems that deliver all the promised benefits and have all the right risk management processes.  But too often,  leaders are removed from the reality of what it takes to do this.

These processes are becoming critical for cloud technology users.  Technology is advancing — uncomfortably fast for many.  Customers’ needs and expectations evolve,  and your business needs grow with them.

Investors expect speedier,  more reliable services; more focused and relevant information,  delivered when requested;  all accessible with less effort.  Service downtime is unacceptable.  Consciously noticing a load time means it is taking too long.

Furthermore, security breaches can destroy a brand,  and recovering from that can take years.  Trust with personally identifiable information (PII) data is not easy to win back.

risk management processes

Cloud comes of age

For many asset managers,  the fundamental transition towards cloud technology was inevitable,  likely overdue and led to exciting work programs – even if they are extensive and possibly still ongoing.

Cloud computing brings significant benefits including cost reductions in managing and maintaining IT systems.  It enables scalability,  business continuity and disaster recovery and security.  Cloud software also offers collaboration efficiency,  sustainability through updates and quality control.

IT teams,  marketers and digital professionals will understand why these are all fundamental positives for asset managers looking for an edge in ever more competitive markets.

But their process and policymakers are too often removed from the reality of what it takes to procure software with the right benefits and risk management processes.

Cloud software has come of age and there are plenty of products out there that can delight users.  There are many vendors offering ‘unique services that revolutionize your business’.

But how can you keep up and what issues should you consider when procuring software?  And how can you balance these benefits with all the necessary risk management processes, compliance,  and regulatory obligations?

cloud computing

No way around risk management

These challenges are no longer the preserve of large financial firms,  they are permeating through to the smallest companies.  Regulators are demanding risk management processes.  So are institutional and retail customers. There is no shortcut and no way to bypass this.

Kurtosys have these issues covered.  Some other vendors need to stop promising the earth but tiptoeing over some of the more fundamental risk management questions asset managers may have when procuring cloud-based services.

risk management processes

Here are some additional issues asset managers should focus on.

Business continuity — having robust processes and guarantees ensures the reliability of the service and provides clear options if the scheduled service goes wrong.

Security of data — the asset manager is the data controller.  So security levels and protocols (particularly around personal information) that align with internal policies and governance are critical.

Avoiding breaches and preventing data loss is also a concern.  Selecting a vendor with clear data loss prevention strategies,  for internal employees and external individuals or groups,  is paramount.

Proactive services management — it is unlikely that a single vendor will offer all services,  support and ongoing delivery in isolation from any other service provider.  A key question is are your vendors managing their own suppliers effectively to ensure they can deliver and meet the original service level agreements agreed?

Publishing market sensitive information — timing,  accuracy and audience type are important.  If they are compromised,  there could be regulatory consequences. So the automation processes used in publishing data may be relatively simple,  but they carry disproportionately high risk should they fail or be corrupted.

Guilty by association — do your vendors ensure companies in their supply chain address ethical aspects such as sustainability, diversity, fraud and slavery? Do your vendors address these themselves? Do they handle them thoroughly on an ethically sound footing? Are there potential negative associations with your brand in using that vendor, or one of their suppliers?

Security is paramount

At Kurtosys, we aim to instill total confidence in choosing us as a partner.  We have a comprehensive risk treatment plan in place to ensure that important issues are addressed and improved.  We focus extensively on all the points above to ensure our solution is robust for the long term.

Security is paramount.  We follow all the latest best practice on security to ensure your peace of mind.  Read more about how we protect our clients’ sites in these articles about the risks of data breaches and about how user experience can be damaged by inadequate security configurations.  Both are written by our information security engineer Gerhard Vana.

risk treatment plan

Smart solutions

We are proud of our fast,  secure,  scalable and easy-to-use technology.  We love solving our clients’ problems with smart applications of technology and creativity.  Where it makes sense,  we partner for the long run,  and that’s often where the highest value is seen.

Are you struggling to keep up with changing trends? Do you need to automate difficult and costly processes, deliver critical data at pace or enhance your customers’ digital and web experience?  If so,  get in touch today.  Talk to our team and arrange a demonstration of how our tools and services can add value to your digital transformation.


Get in touch

Drop us a line and a member of our team will be in touch with you shortly.