Very often, the bank’s IT infrastructure is presented to top management as a kind of “black box”, a thing in itself. Its development is entirely at the mercy of the IT department of the bank, including planning issues. In this case, the only possible control on the part of top management is to partially cut the financial demands of IT services. At the same time, no one can guarantee that the financial investments of the bank will be spent in a targeted manner, will lead to an increase in labor productivity and increase the efficiency of the information system as a whole.
Failures and problems in the functioning of the information system are attributed to some “general problems of IT infrastructure development”, typical for the banking community and “the same for all Ukrainian banks”. There is no record of failures and analysis of their causes, failures of the same type are repeated, because “nothing can be done”. One gets the feeling that the information system does not work for the needs of the bank, but vice versa — the bank exists so that the information system can function.
Let’s ask ourselves a question: is it possible, without going into technical details, to understand how the bank’s information system functions and what the money requested by the IT department is spent on? Is it possible to assess the risks associated with the bank’s IT infrastructure and effectively manage them? How to ensure that the IT infrastructure develops in line with the bank’s business goals?
If we abstract from technical terms, then it turns out that the information system of the bank belongs to the class of complex distributed systems. The issues of managing such systems and planning the processes of their evolution (growth, stagnation, reduction) are dealt with by the field of knowledge called “System Integration”.
System integration, as such, includes a number of methods for effective management of all components of the bank’s information system — the IT infrastructure itself (data networks and network equipment, workstations and servers, etc.), the entire software complex and the IT service department.
These techniques allow:
analyze the current information system for its efficiency and fault tolerance;
to form key criteria that qualitatively and quantitatively characterize the processes occurring in the system;
determine the “nodal points” of the system — both in terms of system management, and in relation to its operational parameters — fault tolerance and load capacity;
take into account the risks generated by the bank’s information system and evaluate these risks according to a number of criteria — the likelihood of occurrence, the amount of potential losses, and so on;
build or modify the information system in the most efficient way in accordance with the main business goals of the bank;
synchronize the information system development plan with the bank development plan.
System integration and analysis of risks caused by the bank’s IT infrastructure
Modern banks use in their activities a number of information systems that automate one or another of their business processes. The range of such systems is wide — it is ABS, CRM, credit scoring software, BI class software, and so on. All these systems, as a rule, are written by different developers, have different architectures, but considered as a whole, they form a single information space of the bank.
The typical structure of a large bank implies the existence of a central office and a number of branches, which, in turn, manage a network of branches. The system looks like a pyramid, at the base of which there are bank branches — organizational units that ensure the work of banks with consumers. The next step is branches, and, finally, the top of the pyramid is the Central Office.
Let us illustrate the general principles of a distributed information system using a simplified example. Omitting technical details, an information system consists of three types of components:
nodes that process and store data;
A user working in a branch office creates data, for the processing of which some node of the information system is responsible. The physical location of this node depends on the architecture of a particular information system: it can be located both in a branch or in the central office of the bank, and outside it.
An example of a data processing node physically located outside the bank’s local network is the BKI (Credit Bureau). A bank employee, who is a user of some information system, forms a request for the borrower’s credit history (i.e. requests data), the credit history bureau service (processing node) finds the borrower’s data in its storage, and returns the results of the request. The bank’s information system contains a large number of data processing nodes operating on a similar principle. The difference from the above example is in their physical location in the bank’s local network.