The Shared Assessments Program was created by BITS, a non-profit industry consortium made up of 100 of the largest financial institutions in the United States. CSI will use its new license to create an open source application that facilitates efficient use of the Shared Assessments vendor questionnaire.
CSIâs project, which applies best practices from the open source development model, enables CSI to add value to both commercial and custom risk management systems. The project allows financial institutions to make vendor data more readily available through a web services front-end application for collection and editing shared assessment submissions and an XML schema for validating and accepting those submissions as XML documents.
The CSI web-based compliance questionnaire framework can run on its own or be directly integrated with existing operational risk systems. CSI will offer an XML-based interchange mechanism that can be used by service providers and their financial institution customers to streamline and accelerate their participation in the Shared Assessments Program.
CSI project benefits will include:
- An XML schema for exchanging the Standardized Information Gathering Questionnaire that removes the manual importation effort and lack of consistency inherent in spreadsheet implementations.
- Multiple low-cost application distribution options so supplier firms can more efficiently create and submit vendor documents.
- Protection for internal developers and vendors of operational risk systems so they donât need to constantly update custom applications as vendor data requirements mature and change.
- Fully supported downloadable software plus a software-as-a-service option for companies who donât want to maintain their own application instances.
âThis is a perfect opportunity for all banks to work collaboratively in the face of government regulatory pressures to create a standard reference implementation that will result in dramatic efficiency improvements and lowered costs,â said Stuart Cohen, CEO of the Collaborative Software Initiative. âWe expect to see this business approach proliferate so the entire banking industry can benefit from improved data security and fewer man hour expenditures on perfunctory tasks.â
âThe BITS SIG vendor questionnaire helps to limit the exposure that banks have to risk by providing industry-wide consistency in capturing data privacy and information technology security information. The CSI regulatory questionnaire framework along with the XML SIG definitions makes it easy for vendors to create, maintain, and securely release a human and machine-readable document to their financial institution customers,â said Evan Bauer, CTO of the Collaborative Software Initiative. âMoving to a workflow-based application to create an XML document described by a full schema means less labor, less cost and instantaneous submission and acceptance -- streamlining the process for everyone involved. This project is an important first step for the financial services industry to move toward open source standards and collaborative development for compliance applications.â
âFinancial institutions can outsource their services, but they can never outsource the risk associated with those services. The Shared Assessments Program offers efficiencies and cost savings to both financial institutions and their service providers,â said Michele Edson, SVP of the Santa Fe Group and Program Lead for the BITS Shared Assessments Program. âCSIâs open source questionnaire platform introduces additional operational efficiency to all who participate in the Shared Assessments Program.â