Application Management at Be GmbH
Be Shaping the Future (DE)11.07.2019
The Application Management process guides how business applications are developed, managed, improved, and when necessary decommissioned.
Specific challenges arise in the application management of capital markets standard software packages, which lead to high costs and risks:
- Continuously high need for change (time to market requirements, need to increase operational efficiency, regulatory pressure) combined with very high requirements regarding stable operations
- Very specialized skill requirements, due to common use of very specific and highly customizable standard software packages.
- Flexible team size requirements – minimum team sizes are necessary to deal with support requirements (cover business hours), while team size peaks occur regularly in particular in context of release upgrades.
In addition to this, Application Management includes usually production environment related tasks – hence compliance is an issue since externally performed tasks might be considered as an essential outsourcing according to MARisk.
In order to simplify auditing procedures for the financial institutes, an option for service institutes is to go for ISAE3402 – “International standard on Assurance Engagements (ISAE) No. 3402, Assurance Reports on Controls at a Service Organization”.
According to http://isae3402.com/ISAE3402_overview.html, “ISAE 3402 was developed to provide an international assurance standard for allowing public accountants to issue a report for use by user organizations and their auditors (user auditors) on the controls at a service organization that are likely to impact or be a part of the user organization’s system of internal control over financial reporting.”
Be offers application management services in shared service centers, comprising a highly skilled and flexible team, clearly defined services and processes, and in particular compliance via an ISAE3402 proven internal control system.
Our service model comprises of standardized processes, which are in the transition phase tailored to the needs of the client. A regular process review ensures that they fit to current needs.
Our Internal Control System (ICS) is derived from a risk analysis of the service, e.g. covering process risks, and is the basis of quality and compliance. We elaborate a detailed Risk Control Matrix, which is afterwards the base for defining Controls of our ICS and for creating an ICS Monitoring plan.
An ISAE report, stating the adequacy of controls and showing also the effectiveness of implemented controls, has been created for parts of our run services recently.
Be is offering services for many standard capital markets software packages. Be has a proven track record of successful projects and application management services delivered. We provide specific assets, in particular related to efficient automatic testing, to deliver an outstanding service quality with a highly competitive price. The service delivery can either be performed onsite at the client premises or in one of our service centers (e.g., in Magdeburg, Warsaw, Milan or Lisbon).
Be has a standardizes service transition model to guarantee a successful take-over of application management services, in an incremental way.