Permalink
Fetching contributors…
Cannot retrieve contributors at this time
61 lines (39 sloc) 2.61 KB

Quality Attributes

The quality attributes for the new Financial Risk System are as follows.

Performance

  • Risk reports must be generated before 9am the following business day in Singapore.

Scalability

  • The system must be able to cope with trade volumes for the next 5 years.
  • The Trade Data System export includes approximately 5000 trades now and it is anticipated that there will be an additional 10 trades per day.
  • The Reference Data System counterparty export includes approximately 20,000 counterparties and growth will be negligible.
  • There are 40-50 business users around the world that need access to the report.

Availability

  • Risk reports should be available to users 24x7, but a small amount of downtime (less than 30 minutes per day) can be tolerated.

Failover

  • Manual failover is sufficient for all system components, provided that the availability targets can be met.

Security

  • This system must follow bank policy that states system access is restricted to authenticated and authorised users only.
  • Reports must only be distributed to authorised users.
  • Only a subset of the authorised users are permitted to modify the parameters used in the risk calculations.
  • Although desirable, there are no single sign-on requirements (e.g. integration with Active Directory, LDAP, etc).
  • All access to the system and reports will be within the confines of the bank's global network.

Audit

  • The following events must be recorded in the system audit logs:
    • Report generation.
    • Modification of risk calculation parameters.
  • It must be possible to understand the input data that was used in calculating risk.

Fault Tolerance and Resilience

  • The system should take appropriate steps to recover from an error if possible, but all errors should be logged.
  • Errors preventing a counterparty risk calculation being completed should be logged and the process should continue.

Internationalization and Localization

  • All user interfaces will be presented in English only.
  • All reports will be presented in English only.
  • All trading values and risk figures will be presented in US dollars only.

Monitoring and Management

  • A Simple Network Management Protocol (SNMP) trap should be sent to the bank's Central Monitoring Service in the following circumstances:
    • When there is a fatal error with a system component.
    • When reports have not been generated before 9am Singapore time.

Data Retention and Archiving

  • Input files used in the risk calculation process must be retained for 1 year.

Interoperability

  • Interfaces with existing data systems should conform to and use existing data formats.