KMYou can read more here about possible direction banking platforms are headed.The day central bank will demand ESB as a standard, is te day 1) banks will cut the shackles of core system vendors, 2) banking 'IT audit' will become easier and possible, and 3) changing/ upgrading core systems will no longer be as dramatic as today.The third example is too blatantly reckless to be written...Another was cross-sold to an emerging ESB with little field proof....it worked....for a few years... could not scale...now they are changing....A nice, best-of-breed bank acquired one of big name ESBs 4 years ago... it has never worked. To just get something configured you need a consultant from Mars at $500 per calendar hour, per diem to boot.....and hey - he flies business and must see family every 6 days.(JBoss is not too expensive, but often confused with Wildfly - the open source API). Let me paste a very partial picture of ESB adoption in .keAll major banks will tell you that they have ESB, but they are either shells or highly un-optimized installations.Hi Ngigi,Yes, Enterprise Service Bus.
The difficult part in ESB is building connectors/ adapters to and from core system....and maintaining those adapters such that all applications are fully dependent on middleware and not point to point with core.
The most ubiquitous ESBs... websphere, Oracle, Red Hat's JBoss Fuse and such others lifted off Gartner's magic quadrant come at a stiff implementation, support and maintenance cost. Other more robust and affordable such as I-CON from Prosol and Talend - lack name recognition and smooth talking salesmen; but are more promisingOn Thu, Apr 28, 2016 at 3:30 PM, Ngigi Waithaka <ngigi@at.co.ke> wrote:Machuhi,ESBs would be Enterprise Service Bus? If so, whats the current status of their adoption amongst Banks in .KE?RgdsOn Thu, Apr 28, 2016 at 3:20 PM, K Machuhi via kictanet <kictanet@lists.kictanet.or.ke> wrote:Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/ngigi%40at.co.keDisclosure: bank's so called 'IT audit' is part of what puts food on table in my house.
The correct approach is Enterprise IT audit; looking at (core) system, data, processes. Then people and bank's strategy. Subject matter expertise (SMEs) on core system is must have for most Kenyans bank's, but as ESB's get adoption, that necessity will diminish.
The worst mistake bank's make is to get 'IT audit' from conventional auditors. Technology side is cryptic, and unless you have someone who can ask the right questions, auditors will be made to find out what the bank IT team wants them to find out.
Central banks IT audit should simply be outsourced to SMEs. Experts will not apply for employment with cbk.
Also, you will not yet find the SMEs registered with a sector association. At the moment, highly qualified persons capable of doing a proper IT audit are so few, the world needs them more than they need the world.Unless central banks act fast (moreso in kenya), there will be faceless banks operating outside the regulator. Purely driven by peer to peer and non conventional delivery channels.
Km
On Apr 27, 2016 5:41 PM, "waudo siganga via kictanet" <kictanet@lists.kictanet.or.ke> wrote:Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/kmachuhi%40gmail.comHi Kivuva,My understanding, although of course open to correction, is that IT Systems Auditors are essentially certified auditors with specialist training and skills to audit "through" and "around" IT systems. I would envisage someone with an auditing qualification backed up with a supplementary qualification is systems auditing but at the end of the day this person is an AUDITOR. In addition the training for today's certified auditors already includes systems audit as a subject. So the key skill is auditing, supplemented by systems knowledge. If this is the case then these professionals are already covered under statutory provisions.WaudoOn Wed, Apr 27, 2016, at 04:25 PM, Mwendwa Kivuva via kictanet wrote:On 27 April 2016 at 16:12, Paul Roy <roykoikai@gmail.com> wrote:Last - As long as I am a the helm of ISACA Kenya, I would like to open up our doors to the various experts within the industry who are willing to retrain IT auditors, IT Security professionals to consider ISACA as an ally. Let us work together, talk to me, come for one of the evening talks and let us grow and strengthen the profession.
Hi Paul,Thanks for the elaborate reply.My main concern is if it's legislated that people with valid IT Systems Audit certifications are the only ones doing IT audits for public interest organisations. The way only Lawyers can only do certain duties, or CPAs. Is this something feasible?Regards
_______________________________________________kictanet mailing listUnsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/emailsignet%40mailcan.comThe Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________
kictanet mailing list
kictanet@lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________
kictanet mailing list
kictanet@lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.--Regards,Waithaka NgigiChief Executive Officer | Alliance Technologies | MCK Nairobi Synod Building