1. Mandate
The mandate of the Department of Information Communication Technology is to enable operations of the Bank through provision of information technology based services required to facilitate the efficiency and effectiveness of the Bank’s business processes2. Objectives
The objective of the Department is to support strategic direction of the Bank by enabling the Bank in its different functional areas through;
•Planning of Information Systems and Infrastructure required to support the strategic direction
•Delivery, Maintenance and support of information systems and infrastructure required to support the strategic direction
•Training on ICT Systems and Technologies3. Divisions
The Department consists of four (4) Divisions namely; Enterprise Architecture and IT Governance, Business Solutions and Infrastructure and Operations.a)Enterprise Architecture and IT Governance Division
The mandate of the division is to determine the information technology requirements of the various functional units of the Bank and to establish information technology roadmaps to best support the short-term, medium-term to long-term objectives of the Bank. The division is also mandated implement IT Governance and Service Management practices in order to ensure that ICT department delivers its services effectively, efficiently and in accordance with best practices in the field.
Functions of the Enterprise Architecture and IT Governance Division include the following:
- To facilitate the planning of information technology solutions for the Bank through establishment of enterprise architectural roadmaps
- To optimize the Banks business processes in order to enhance the overall efficiency of the Bank in carrying out its operations
- To implement IT Governance and Service Management practices in order to ensure that ICT department delivers its services effectively, efficiently and in accordance with best practices in the field
- To manage IT compliance to technology licensing requirements, general IT controls as well audit and risk management recommendations
b) Business Solutions Division
The mandate of the division is to execute projects for delivery of new or enhanced Information Technology based solutions required to support short-term, medium-term to long-term objectives of the Bank. The division is mandated to maintain and support the Information Technology based solutions of the Bank.Functions of the Business Solutions Division include the following:
- To undertake detailed analysis of business area requirements for planned information technology based solutions
- To identify solutions to best address the requirements for planned information technology based solutions
- To acquire, build, enhance and integrate Information Technology based solutions
- To maintain and support the Information Technology based solutions
- To provide training of end users on implemented Information Technology Based Solutions
c) Infrastructure and Operations Division
The mandate of the division is to establish new or enhanced networks, hardware and infrastructure components required to support short-term, medium-term to long-term objectives of the Bank. The division is also mandated to look after IT security infrastructures to protect the Bank’s environment and information.Functions of the Infrastructure and Operations Division include the following:
- Establishment and maintenance of network and data communications infrastructure platforms necessary to host business applications;
- Establishment and maintenance of data center infrastructure technologies;
- Establishment and maintenance of network and infrastructure security solutions
- Establishment of disaster recovery and business continuity measures on hardware, networks and infrastructure;
- Provision of end-user training on desktop automation software solutions, collaboration and mobile software
- Operating the end-user support service desk
d) Information Security Services Division
The mandate of the Information Security Services Division (ISSD) is to, among others, execute and implement the Bank’s Information Security Policy and Cyber Security Framework. The overarching objective of ISSD is to protect the Bank’s information assets from loss, damage and misuse. ISSD protects the Bank’s Critical Information Infrastructure (CII) against any form of attack emanating from threats in the cyber space, in the quest to minimize cyber and information security risks the Bank faces. The ISSD ensures that the Confidentiality, Integrity and Availability (CIA) of the Bank’s CII is preserved, owned and controlled.
To achieve this, the ISSD pro-actively Identifies threats and consequently cyber and information security related risks parallel to the Bank’s risk management strategy, Protects the Bank through implementation of appropriate security safeguards, Detects in a timely manner any cyber and/or information security breaches, Responds to detected breaches leading to their Prevention and executes appropriate activities to Recover from any information and/or cyber security related incidents to maintain plans for resilience and to restore any capabilities or services impaired.
In conjunction with the above, the ISSD focuses on the following to promote cyber security resilience:
- Combatting cyber crime
- Providing cyber incident response
- Securing the Bank’s CII
- Providing cyber security governance
- Promoting information sharing
- Providing cyber awareness training and education within the Bank