The legal requirements for demonstrating the availability and service quality of essential applications are constantly increasing - especially for financial service providers.
Companies must be able to provide the Federal Financial Supervisory Authority (BaFin) with information on the quality of the IT services they provide. For this purpose, the BAIT set of regulations was drawn up, from which VAIT also evolved. This set of regulations was sent to the financial service providers and is audited by BaFin. In addition to this, the requirements of the General Data Protection Regulation (GDPR) must now be observed too.
BAIT/VAIT is particularly concerned with key figures for verifying availability, service duration and other performance parameters of essential applications. This flow of information is the same whether the service is provided by your company, a subsidiary or a third party. For many companies, compiling and reporting these key figures poses a major challenge.
Q-Board One supports internal risk controlling with the necessary key performance indicator systems and improves data quality, whilst at the same time providing immediate causal analysis through action tracking. Q-Board One is used by well-known clients to assist with BaFin and/or other audits.
BAIT/VAIT and Service Quality Management
Viele der Anforderungen der BAIT/VAIT basieren auf der Aussage, wie gut oder weniger gut bestimmte Prozesse und Services (als Ergebnis eines Prozesses) ausgeführt werden. Zusätzlich wird ein gemanagter Prozess verlangen, um auftretende Mängel abzustellen.
Ebenso können bestimmte Risiken des IT Betriebes mit einem Service bzw. einem Prozess, welcher Services als Ergebnis liefert, verknüpft werden. Mit dem Definieren von Schwellwerten kann jederzeit festgestellt werden, wann ein Risiko eintritt oder der Eintritt droht.
BAIT/VAIT und Q-Board One
Many of the BAIT/VAIT requirements are based on the notion of how well or less well certain processes and services (resulting from a process) are executed. In addition, a managed process is required to remedy any defects that occur.
Likewise, certain risks of IT operations can be associated with a service or a process that delivers services as a result. By defining threshold values, it can be determined at any time when a risk will occur or threatens to occur.
BAIT/VAIT Quality Center and Q-Board One
In Q-Board One, it is possible to map all types of key figures. It is important that there is a corresponding target value (specification from contract, BAIT/VAIT, management, and so on) and a corresponding measured value that can be uniquely assigned to a key figure. If these prerequisites are fulfilled, any key figure can be mapped.
Q-Board One checks for defined business regulations and applies them autonomously. Typical questions in this context are:
The following are examples of KPI's from the key figures catalogue.
Key figures for batch processing:
Key figures for business & compliance: