Financial Regulators and Capacity Management
Balance. Everything from justice (support/opposition), to business (risk/reward), and IT Capacity (cost/performance), has a concept of balance.
In the not too distant past it could be suggested there was a lack of balance in the banking sector, between freedom for banks to run their own organizations, and regulation to try and make sure nothing bad happened. As we all know, things have changed quite a bit, and regulators are taking a lot more interest in all sorts of things within financial institutions.
One of the areas coming under the regulators spotlight more frequently is IT. Specifically around customer facing IT services. Services like Forex and the various Payments services. The question being asked is not one of technical functionality, but risk. While this covers the obvious items like DR scenarios, and security, it also covers Capacity Management and many other ITIL elements.
An IT service that doesn’t have sufficient capacity is a risk. Not looking to see if your IT services have sufficient capacity. That’s a bigger risk, and one the regulators really don’t like. Which brings us back to justice. It’s a long standing principal that justice itself is not enough. Justice must be seen to be done, for there to be confidence in the system. The same is true for the financial regulators. It’s no longer enough to show policies and processes are in place, there must also be evidence that these processes are being followed through.
For Capacity Management this increasingly means the need to show evidence of ongoing reporting, report distribution and Service Owners demonstrating they have capacity plans, historical reports and forecasts. Failure in these areas (as you’ll probably know if you’re reading this), can lead to all sorts of sanctions including an increase in Tier 1 capital. As well as senior staff suddenly finding themselves on the employment market. This means that capacity management and planning matters now, probably more than it ever has before.
Capacity matters as a centralized function. Gone are the days of “distributed capacity planning by chance”, where each platform team keeps an eye on capacity and starts to shout when they think things will look tight. The modern capacity report has to be focused on the IT service, and cover everything that supports the customer being able to use that service, even when extreme load and bad fortune are in play. This can only be done centrally.
One of the biggest risks to any Capacity Management process is still the manual element involved when staff are forced to “copy and paste” data from point tools for specific platforms into a central tool. Humans are fallible, and will make occasional mistakes. Automating Capacity Management with a tool like Athene helps reduce that risk.
With Athene we have continually improved our Integrator technology to import data from across the IT estate. Athene can then combine that data into relevant IT services. In the latest versions of Athene our Service View technology allows Service owners to identify and understand capacity risks to their service(s).
Download our eBook to discover what defines a mature capacity management process and key takeaways to become best in class.