Top 10 vendor manager interview questions and answersjonhjonh113
The document provides information about vendor manager interview questions and answers. It includes 10 typical interview questions for a vendor manager position and sample answers, such as why the applicant wants the job, what challenges they are looking for, and what they have learned from past mistakes. The document also lists additional useful resources for preparing for a vendor manager interview, such as ebooks on common interview questions, interview techniques, and sample follow-up letters.
The document discusses the need for a centralized Vendor Management (VM) function at NJM to better manage its large number of vendors and contracts. It proposes creating a Vendor Management Office (VMO) to develop standardized processes and templates for vendor selection, contract management, performance monitoring, and relationship management. The VMO would establish a master vendor list, classify vendors, and help integrate VM processes into existing work models.
The document discusses various aspects of vendor management including governance, performance evaluation, monitoring, and strategic partnership. It provides details on developing vendor profiles, assessing risks, establishing governance disciplines, evaluating quality and performance, linking key performance indicators to business benefits, monitoring through scorecards and metrics, and fostering strategic partnerships through mutual goals and trust.
Top 10 vendor manager interview questions and answersjonhjonh113
The document provides information about vendor manager interview questions and answers. It includes 10 typical interview questions for a vendor manager position and sample answers, such as why the applicant wants the job, what challenges they are looking for, and what they have learned from past mistakes. The document also lists additional useful resources for preparing for a vendor manager interview, such as ebooks on common interview questions, interview techniques, and sample follow-up letters.
The document discusses the need for a centralized Vendor Management (VM) function at NJM to better manage its large number of vendors and contracts. It proposes creating a Vendor Management Office (VMO) to develop standardized processes and templates for vendor selection, contract management, performance monitoring, and relationship management. The VMO would establish a master vendor list, classify vendors, and help integrate VM processes into existing work models.
The document discusses various aspects of vendor management including governance, performance evaluation, monitoring, and strategic partnership. It provides details on developing vendor profiles, assessing risks, establishing governance disciplines, evaluating quality and performance, linking key performance indicators to business benefits, monitoring through scorecards and metrics, and fostering strategic partnerships through mutual goals and trust.
Anti Credit Abuse & Acquisitions Seminarenlightful
A seminar I gave at Minsheng Banking Corp's Card Headquarters in Beijing. The audience included Minsheng Card's most risk managers and VP Card Services. In Mandarin.
From http://www.csdn.net/article/2015-12-17/2826501
《数美公司联合创始人兼CTO梁堃:Sentry金融实时风控系统》
数美公司联合创始人兼CTO梁堃在主题演讲中介绍了Sentry金融实时风控系统。他表示实时风控系统对于银行业继续保持高速发展越来越重要。Sentry金融实时风控系统是基于大数据技术构建的实时交易风险评估系统。其工作过程是,在每一笔交易发生时,实时进行(1)业务系统将交易信息发送风控系统;(2)发现该交易中存在的异常行为和可疑场景;(3)根据发现的“证据”计算该交易的风险系数;(4)将风险系数等相关信息反馈给业务系统。
Anti Credit Abuse & Acquisitions Seminarenlightful
A seminar I gave at Minsheng Banking Corp's Card Headquarters in Beijing. The audience included Minsheng Card's most risk managers and VP Card Services. In Mandarin.
From http://www.csdn.net/article/2015-12-17/2826501
《数美公司联合创始人兼CTO梁堃:Sentry金融实时风控系统》
数美公司联合创始人兼CTO梁堃在主题演讲中介绍了Sentry金融实时风控系统。他表示实时风控系统对于银行业继续保持高速发展越来越重要。Sentry金融实时风控系统是基于大数据技术构建的实时交易风险评估系统。其工作过程是,在每一笔交易发生时,实时进行(1)业务系统将交易信息发送风控系统;(2)发现该交易中存在的异常行为和可疑场景;(3)根据发现的“证据”计算该交易的风险系数;(4)将风险系数等相关信息反馈给业务系统。
1. 金融業資訊風險與控制管理之發展趨勢
The Development Trend of IT Risk and Control Management in Financial Industry
Prometheus Yang,CFE,CISA,CRISC
國際電腦稽核協會(ISACA)會員
mail: Prometheus.yang@gmail.com
摘要
在歷經金融風暴與金融海嘯的衝擊後,金融機構對於法令遵循及風險管理與控制
更加重視,又因資訊系統大量用來處理金融單位的交易、財務、信用與客戶資料,
資訊風險與控制成為金融機構積極管理的一環。本文以行政院金融監督管理委員
會所提出之金融業內部控制三道防線為出發點,介紹資訊風險與控制的使命、責
任、與實務,作為金融產業未來在規劃資訊風險與控制管理之參考依據。
Abstract
Driven by increased demands from regulatory agencies, compliance and risk
management become more and more important in financial industry. In addition, the
information systems are widely used to process transaction, financial, credit, and
customer data. How to management the IT Risk and Control also becomes one of the
biggest challenges for financial institutions. Except for introducing the development
trend of IT Risk and Control management in financial industry, this article will also
introduce the IT Risk and Control management’s missions, responsibilities, and
practices which can be used as reference when design and implement the IT Risk and
Control Function in the financial institutions.
關鍵詞
金融業 資訊風險與控制 三道防線 IT Risk & Control
壹、前言 Preface
隨著資訊科技的發展,金融業相關業務由人工紙本作業改為透過資訊系統蒐集、
處理、及利用,以求增進營運效益並降低成本。然而,2001 年與 2002 年間,美
國安隆(Enron)與世界通訊(WorldCom)相繼爆發的會計財務醜聞,動搖了投
資人對資本市場投資的信心,為提升投資人對資本市場投資的信心,美國國會於
2002 年 10 月通過對美國沙賓法案(Sarbanes-Oxley Act),除促使企業營運及財
務資訊透明化,並透過建立相關規範來確保財務資料正確及可靠性來,加強監督
與強化公司治理,由於資訊系統大量運用於財務與會計流程中,因此,資訊系統
內控制度之建立,一夕之間變成法律上的要求。另於 2008 年由次級房貸所引發
的金融海嘯,起因於經營階層僅追求短期利益,導致企業面臨極大的潛在危機,
凸顯了在公司治理中管理階層對風險控管不足的問題,因此,風險管理成為在金
2. 融海嘯後,金融業所要面臨的一大課題。上述兩大事件除影響公司治理外,對金
融業資訊管理也產生重大的變革,傳統上透過資訊單位主管與內部稽核來確保資
訊風險管理與內部控制的有效性已無法滿足主管機關及社會大眾對金融業公司
治理的要求,所以,國外金融機構開始設立獨立於資訊業務單位與內部稽核單位
外的部門,專責於資訊風險管理與控制以符合法令遵循與內部控制的需求。本文
目的即在介紹風險與控制(IT Risk and Control)管理的發展趨勢及資訊風險與控
制管理的使命、責任、及實務。
貳、金融業資訊風險與控制管理的演變 The Change of IT Risk and Control
Management in Financial Industry
在沙賓法案及金融海嘯等事件後,金融主管機關與社會大眾對於金融業風險管理
及控制的要求與日俱增,為滿足公司治理與法令遵循的要求,金融業開始採用「三
道防線 (Three Lines of Defense)」的風險管理架構來加強並確保內部控制管理。
而在台灣,金融監督管理委員會(以下簡稱「金管會」)銀行局(以下簡稱「銀行局」)
為強化法令遵循及風險管理等第二道防線功能,以確保內部控制制度之有效性,
也於 2013 年 04 月 02 日發函中華民國信託業商業同業公會說明銀行內部控制三
道防線。根據銀行局的定義,自行查核為第一道防線,法令遵循與風險管理為第
二道防線,內部稽核為第三道防線,為使內部控制制度能有效及適當的運作,由
第一道、第二道防線進行風險監控,第三道防線進行獨立監督,三道防線各司其
職。(陳姸沂,2013)
根據上述定義,資訊業務單位在「三道防線」的風險管理架構下屬於第一道防線。
資訊單位除負責組織的系統開發、監控、及維護等業務外,同時也兼負資訊系統
專案管理、變更管理、效能管理、事故管理、及營運持續管理等工作。而資訊風
險與控制管理僅是資訊單位眾多工作項目之一。在過去,資訊系統內部控制管理
的責任通常是由資訊單位主管擔任或者資訊單位資深人員兼任,隨著法令遵循、
內部控制、及風險管理的要求增加,部份金融機構開始思考如何強化第一道防線,
於是出現分工機制,成立「資訊風險與控制」單位或專責人員來協助資訊業務單
位滿足主管機關與組織對資訊作業流程管理的要求。
參、願景與使命 Vision & Mission
為有效發揮資訊風險與控制的功能,需要定義清楚此功能的願景與使命,透過與
相關單位的溝通與宣導,確保與資訊風險與控制管理作業相關的單位與成員能形
塑共同的願景與一致的方向,以達成企業資訊風險與控制管理的目標。
一、願景 Vision
資訊風險與控制管理功能的願景,旨在協助企業追求資訊作業營運與策
略目標的同時,同時能降低資訊作業風險、確保資訊控制有效性、及兼
顧法令遵循要求。