Integrated Assurance Across the Three Lines of #CW2017
|
|
- Alan Maxwell
- 6 years ago
- Views:
Transcription
1 Integrated Assurance Across the Three Lines of #CW2017
2 Speaker Panel Liv Watson Sr. Director of Strategic Customer Initiatives Workiva, Inc. Valeria Locatelli Audit Director M&G #CWE2017
3 Polling Question 1 Do you currently use (any form of) integrated assurance in your company? 1. Yes, and we have an integrated report to the Board 2. Yes, but each assurance provider reports independently 3. No, but we are aware what other functions are planning 4. No, and we have little visibility with each other 5. Not #CW2017
4 @ComplianceWeek #CW2017
5 Integrated Assurance Valeria Locatelli, Audit Director, #CW2017
6 What is Integrated Assurance? No agreed upon definition and minimum standards In simple terms, it means combining two or more assurance plans (e.g. audit, risk, compliance) to show the collective assurance coverage of risks and controls across the organisation It is a tool to support a joined-up risk management approach It requires aligning the various assurance activities over the key risks and core business #CW2017
7 Why It Matters IPPF Performance Standard 2050 (Coordination and Reliance): The chief audit executive should share information, coordinate activities and consider relying upon the work of other internal and external assurance and consulting service providers to ensure proper coverage and minimise duplication of efforts. Financial crisis: Exposed weaknesses in boardroom practice; risk and its assurance was disjoined. Multiple uncoordinated activities across assurance providers generates risk fatigue and uses assurance resources in a suboptimal way. Instead, a coordinated approach leads to a common view of the key risks across the organisation, and how well controlled they are. Proliferation of specialist assurance functions: In response to regulatory risk, e.g. ABC, GDPR, which increases the risk of duplication and of taking up a lot of management time with independent assurance #CW2017
8 Key Benefits Common and consistent view of risks and controls Provides an aggregated view of risk assurance one truth Can be seen as a method to accumulate data and facts pertaining to specific process from various areas and perspective Increased efficiency and resource utilisation across assurance providers Minimises the risk of gaps, silo-working and disjointed risk management Promotes working beyond functional #CW2017
9 Things to Consider What are the critical activities/risks/controls? Is the risk taxonomy common across the organization and assurance functions? Is the level of maturity of the assurance providers consistent? Who are the key stakeholders and beneficiaries of the integrated assurance #CW2017
10 Assurance Coverage Mapping Example of Key risk Areas Assurance Coverage Mapping 1 st Line of Defence 2 nd Line defence 3 rd line of defence Management Finance Legal Risk Compliance Audit Strategic Risk Customer needs Political & Regulatory Operational Risk Financial Control Legal & Compliance Informational Technology Health & #CW2017
11 Best Practices Harmonization of Risk and Control Framework one single framework (risk universe, risk taxonomy, rating scales, formats) Harness collective risk intelligence across business functions Eliminate overlaps = minimising duplication of efforts Increase ownership responsibility in first line of defence of risk & Controls Alignment of roles and responsibilty across different committees Integrated implementation of new projects regulatory changes, new systems Focus on key risk while integrating #CW2017
12 Integrated Assurance Across the Three Lines of Defence Presented by: Liv Watson Sr. Director Workiva, Inc [NYSE: WK]
13 Compliance Week Europe Amsterdam
14 Key Learning Objective Integrated Assurance Across the Three Lines of Defence Requires Good Data #CWE2017
15 Compliance Dilemmas
16 Dilemmas - I Compliance Week Europe Amsterdam
17 Dilemmas - II IDC estimates that by 2020 business transactions on the internet (both B2B and B2C) will reach 450 billion per day. IDC estimates that the volume of business data worldwide, across all companies, doubles every 1.2 years. Walmart handles more than 1 million customer transactions every hour, which is imported into databases estimated to contain more than 2.5 petabytes of data. The largest AT&T database boasts titles including the largest volume of data in one unique database (312 terabytes) and the second largest number of rows in a unique database (1.9 trillion), which comprises AT&T s extensive calling records. IDC estimates that poor data can cost businesses 20-35% of their operating revenue. Compliance Week Europe Amsterdam Source:
18 Dilemmas - III Compliance Week Europe Amsterdam
19 Time to Rethink Integrated Assurance The costs keep growing, while complexity is starting to outpace human understanding.
20 Rethink Integrated Assurance Across the Three Lines of Defence with Good Data Governance
21 Introducing SSOT-MVOTs Data Architecture GOOD GOVERNANCE, GOOD DATA A sound data strategy requires that the data contained in a company s single source of truth (SSOT) is of high quality, granular and that multiple versions of the truth (MVOTs) are carefully controlled and derived from the same SSOT. Continues Audit Data Continuous Risk Monitoring and Assessment Continuous Control Monitoring Compliance Week Europe Amsterdam
22 Time to Rethink Integrated Assurance Assume that all data will be consumed using an electronic "machine understandable" reporting framework rather than a document-based digital one.
23 Key Take Away The overall condition of data assets is directly dependent on the company s ability to align people, processes, lines of business, and technologies. It requires that all of these things work together to produce the desired outcomes that make data fit for its business purpose.
24 Valeria Locatelli Audit Director M&G Investments DISCUSSION Liv Watson Sr. Director of Strategic Customer Initiatives Workiva, #CW2017
25 Thank you! Your feedback is much appreciated! Please remember to complete the feedback survey, available in the conference app and at the registration #CWE2017
Heads of Internal Audit Webinar. Integrated Assurance. 24 July In partnership with
Heads of Internal Audit Webinar Integrated Assurance 24 July 2013 In partnership with WELCOME TO THE WEBINAR The audio for this webcast will be broadcast via your PC speakers you do not need to dial in.
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationNERC Staff Organization Chart Budget 2019
NERC Staff Organization Chart Budget 2019 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Officer Senior Vice President, General Counsel and Corporate
More informationNERC Staff Organization Chart Budget 2018
NERC Staff Organization Chart Budget 2018 President and CEO Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel and Corporate
More informationNERC Staff Organization Chart Budget 2017
NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel
More informationBPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.
BPS Suite and the OCEG Capability Model Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Contents Introduction... 2 GRC activities... 2 BPS and the Capability Model for GRC...
More informationNERC Staff Organization Chart Budget 2017
NERC Staff Organization Chart Budget 2017 President and CEO Administrative Associate Director to the Office of the CEO Senior Vice President and Chief Reliability Senior Vice President, General Counsel
More informationSolving the Enterprise Data Dilemma
Solving the Enterprise Data Dilemma Harmonizing Data Management and Data Governance to Accelerate Actionable Insights Learn More at erwin.com Is Our Company Realizing Value from Our Data? If your business
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationInstitute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI
Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO CHAPTER: @IIACHI #IIACHI WWW.FACEBOOK.COM/IIACHICAGO HTTPS://WWW.LINKEDIN.COM/GROUPS/1123977 1 CAE Communications and Common Audit Committee
More informationOVERVIEW BROCHURE GRC. When you have to be right
OVERVIEW BROCHURE GRC When you have to be right WoltersKluwerFS.com In response to today s demanding economic and regulatory climate, many financial services firms are transforming operations to enhance
More informationGOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI
GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE TRENDS BY FCPAK ERIC KIMANI CONTENTS Overview Conceptual Definition Implementation of Strategic Risk Governance Success Factors Changing Internal Audit Roles
More informationISE Canada Executive Forum and Awards
ISE Canada Executive Forum and Awards September 19, 2013 "Establishing a Cost Effective PCI DSS Compliance Program by Having a Can Do Attitude Della Shea Chief Privacy & Information Risk Officer Symcor
More informationSAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx
SAMPLE REPORT Business Continuity Gap Analysis Report Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx COMMERCIAL-IN-CONFIDENCE PAGE 1 OF 11 Contact Details CSC Contacts CSC
More informationINFORMATION TECHNOLOGY ( IT ) GOVERNANCE FRAMEWORK
INFORMATION TECHNOLOGY ( IT ) GOVERNANCE FRAMEWORK 1. INTRODUCTION The Board of Directors of the Bidvest Group Limited ( the Company ) acknowledges the need for an IT Governance Framework as recommended
More informationIn 2017, the Auditor General initiated an audit of the City s information technology infrastructure and assets.
REPORT FOR ACTION IT Infrastructure and IT Asset Management Review: Phase 1: Establishing an Information Technology Roadmap to Guide the Way Forward for Infrastructure and Asset Management Date: January
More informationDriving Global Resilience
Driving Global Resilience Steve Mellish FBCI Chairman, The Business Continuity Institute Monday December 2nd, 2013 Business & IT Resilience Summit New Delhi, India Chairman of the Business Continuity Institute
More informationManchester Metropolitan University Information Security Strategy
Manchester Metropolitan University Information Security Strategy 2017-2019 Document Information Document owner Tom Stoddart, Information Security Manager Version: 1.0 Release Date: 01/02/2017 Change History
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationOracle Buys Automated Applications Controls Leader LogicalApps
Oracle Buys Automated Applications Controls Leader LogicalApps To strengthen Oracle s Governance, Risk and Compliance Suite with Real-time Policy Enforcement October 26, 2007 Disclaimer The following is
More informationM&A Cyber Security Due Diligence
M&A Cyber Security Due Diligence Prepared by: Robert Horton, Ollie Whitehouse & Sherief Hammad Contents Page 1 Introduction 3 2 Technical due diligence goals 3 3 Enabling the business through cyber security
More informationIMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES
IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data
More informationTurning Risk into Advantage
Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview
More informationREVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009
APPENDIX 1 REVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto
More informationCustomer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach
Customer Breach Support A Deloitte managed service Notifying, supporting and protecting your customers through a data breach Customer Breach Support Client challenges Protecting your customers, your brand
More informationIntroduction. Angela Holzworth, RHIA, CISA, GSEC. Kimberly Gray, Esq., CIPP/US. Sr. IT Infrastructure Analyst
Introduction Angela Holzworth, RHIA, CISA, GSEC Sr. IT Infrastructure Analyst Kimberly Gray, Esq., CIPP/US Chief Privacy Officer, Global, IMS Health 1 Incorporating Privacy into the CSF: Approach and Benefits
More informationUnderstanding my data and getting value from it
Understanding my data and getting value from it Creating Value With GDPR: Practical Steps 20 th February 2017 Gregory Campbell Governance, Regulatory and Legal Consultant, IBM Analytics gcampbell@uk.ibm.com
More informationReady, Willing & Able. Michael Cover, Manager, Blue Cross Blue Shield of Michigan
Ready, Willing & Able Michael Cover, Manager, Blue Cross Blue Shield of Michigan Agenda 1. Organization Overview 2. GRC Journey Story 3. GRC Program Roadmap 4. Program Objectives and Guiding Principals
More informationRobert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group
Robert Hayes Senior Director Microsoft Global Cyber Security & Data Protection Group Presentation Objectives Introductions Cyber security context Cyber security in the maritime sector Developing cybersecurity
More informationSession 5: Business Continuity, with Business Impact Analysis
Session 5: Business Continuity, with Business Impact Analysis By: Tuncay Efendioglu, Acting Director Internal Oversight Division, WIPO Pierre-François Gadpaille, Audit Specialist (Information Systems),
More informationSecurity and Privacy Governance Program Guidelines
Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by
More informationMITIGATE CYBER ATTACK RISK
SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations
More informationfalanx Cyber ISO 27001: How and why your organisation should get certified
falanx Cyber ISO 27001: How and why your organisation should get certified Contents What is ISO 27001? 3 What does it cover? 3 Why should your organisation get certified? 4 Cost-effective security management
More informationCYBER INSURANCE: MANAGING THE RISK
CYBER INSURANCE: MANAGING THE RISK LEON FOUCHE PARTNER & NATIONAL CYBERSECURITY LEAD BDO AUSTRALIA MEMBER OF THE GLOBAL CYBERSECURITY LEADERSHIP GROUP ii CYBER INSURANCE: MANAGING THE RISK There s no doubt
More informationBuilding a BC/DR Control Library and Regulatory Response Program
Building a BC/DR Control Library and Regulatory Response Program David Garland, Senior Director, Disaster Recovery & Regulatory Compliance, Business Continuity Management CME Group Regulatory Compliance
More informationEnabling efficiency through Data Governance: a phased approach
Enabling efficiency through Data Governance: a phased approach Transform your process efficiency, decision-making, and customer engagement by improving data accuracy An Experian white paper Enabling efficiency
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationPROTECTING BRANDS IN CYBERSPACE
Speaker Profile Abhishek Agarwal, CIPP/US: Security & Privacy Leader at Kraft Foods Manage compliance programs to safeguard consumer, customers and employee information. Responsible for protecting brand
More informationData Management and Security in the GDPR Era
Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini
More informationNERC Staff Organization Chart Budget
NERC Staff Organization Chart 2013 2014 President and CEO (Dept. 2100) Executive Assistant (Dept. 2100) Senior Vice President and Chief Operating Officer (Dept. 2100) Senior Vice President General Counsel
More informationAboriginal Affairs and Northern Development Canada. Internal Audit Report Summary. Audit of Information Technology Security.
Aboriginal Affairs and Northern Development Canada Internal Audit Report Summary Audit of Information Technology Security Prepared by: Audit and Assurance Services Branch April 2015 NCR#7367040 - NCR#7358318
More informationDated 3 rd of November 2017 MEMORANDUM OF UNDERSTANDING SIERRA LEONE NATIONAL ehealth COORDINATION HUB
Memorandum of Understanding for Joint Working by Ministry of Health and Sanitation, Ministry of Information and Communication on the Government of Sierra Leone ehealth Coordination Hub Dated 3 rd of November
More informationImprove Internal Controls with Governance, Risk, and Compliance Solutions
Improve Internal Controls with Governance, Risk, and Compliance Solutions Jay Castleberry Director, Technology Delivery & Maintenance 0 (SCE) Company Overview One of the largest electric utilities in North
More informationCEF e-invoicing. Presentation to the European Multi- Stakeholder Forum on e-invoicing. DIGIT Directorate-General for Informatics.
CEF e-invoicing Presentation to the European Multi- Stakeholder Forum on e-invoicing 20 October 2014 DIGIT Directorate-General for Informatics Connecting Europe Facility (CEF) Common financing instrument
More informationNavigating the Clouds Fortifying ITIL for Cloud Governance
Navigating the Clouds Fortifying ITIL for Cloud Governance DECEMBER 2011 Cloud adoption promises to be an interesting journey for an enterprise with its luring benefits of on-demand models enabling faster
More informationNERC Staff Organization Chart 2015 Budget
NERC Staff Organization Chart President and CEO (Dept. 2100) Executive Assistant (Dept. 2100) Associate Director, Member Relations and MRC Secretary (Dept. 2100) Senior Vice President and Chief Reliability
More informationNext Generation Policy & Compliance
Next Generation Policy & Compliance Mason Karrer, CISSP, CISA GRC Strategist - Policy and Compliance, RSA Core Competencies C33 2013 Fall Conference Sail to Success CRISC CGEIT CISM CISA Introductions...
More informationREPORT 2015/149 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/149 Audit of the information and communications technology operations in the Investment Management Division of the United Nations Joint Staff Pension Fund Overall results
More informationPREPARE FOR TAKE OFF. Accelerate your organisation s journey to the Cloud.
PREPARE FOR TAKE OFF Accelerate your organisation s journey to the Cloud. cloud. Contents Introduction Program & Governance BJSS Cloud Readiness Assessment: Intro Platforms & Development BJSS Cloud Readiness
More informationGRC Maturity. Benchmarking Your GRC Program. October 2014
GRC Maturity Benchmarking Your GRC Program October 2014 Michael Rasmussen, J.D., GRCP, CCEP The GRC Pundit @ GRC 20/20 Research, LLC OCEG Fellow @ www.oceg.org Are you truly aware of your risks? Never
More informationProposed Regional ehealth Strategy ( )
Proposed Regional ehealth Strategy (2014-2020) Strategic Area 1: Policy & Strategy Strategic Area 2: Tools & Methods Strategic Area 3: Collaboration & Partnership Strategic Area 4: Human Resource Development
More informationISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006
ISO / IEC 27001:2005 A brief introduction Dimitris Petropoulos Managing Director ENCODE Middle East September 2006 Information Information is an asset which, like other important business assets, has value
More informationHCPC's Risk Assurance Part 1
HCPC's Risk Assurance Part 1 ISO & Assurance Audit Committee 14 June 2017 AUD 39/17 1 Summary HCPC QA effort Three pronged approach BSI / NAO / Commercial Internal Audit Departmental controls, in dept
More informationTrillium Consulting. Data Governance. Optimizing Business Outcomes through Data and Information Assets
Trillium Consulting Data Governance Optimizing Business Outcomes through Data and Information Assets DAMA Indiana Winter Meeting Indianapolis, Indiana January 20, 2011 Jim Orr, Global Director Enterprise
More informationThe NEW Power System: challenges and solutions. 1 st October 2018 Duncan Botting IEA DSM
The NEW Power System: challenges and solutions 1 st October 2018 Duncan Botting IEA DSM The NEW Power System Challenges and Solutions Agenda 1. Summary 2. Introduction to FPSA 3. Redefining the Power System
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSymantec Data Center Transformation
Symantec Data Center Transformation A holistic framework for IT evolution As enterprises become increasingly dependent on information technology, the complexity, cost, and performance of IT environments
More informationNEBOSH Part A accreditation criteria
NEBOSH Part A accreditation criteria 1. The course provider must provide the following contact details for the five roles defined below: a) NEBOSH Communications Coordinator: The person to whom all correspondence
More informationCYBER SECURITY TAILORED FOR BUSINESS SUCCESS
CYBER SECURITY TAILORED FOR BUSINESS SUCCESS KNOW THE ASIAN CYBER SECURITY LANDSCAPE As your organisation adopts digital transformation initiatives to accelerate your business ahead, understand the cyber
More informationHow to Derive Value from Business Continuity Planning
How to Derive Value from Continuity Planning Presented by Randall J. Till, Principal Till Continuity Group Spring World 2011 Disaster Recovery Journal March 28, 2011 1 BCM Challenges BCM funding is limited
More informationIntegrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise
February 11 14, 2018 Gaylord Opryland Resort and Convention Center, Nashville #DRI2018 Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise Tejas Katwala CEO
More informationEnterprise GRC Implementation
Enterprise GRC Implementation Our journey so far implementation observations and learning points Derek Walker Corporate Risk Manager National Grid 1 Introduction to National Grid One of the world s largest
More informationGeneral Data Protection Regulation. May 25, 2018 DON T PANIC! PLAN!
General Data Protection Regulation May 25, 2018 DON T PANIC! PLAN! Protect the human behind the data record. On May 25, 2018 the General Data Protection Regulation (GDPR) is entering into force. It requires
More informationAchieving effective risk management and continuous compliance with Deloitte and SAP
Achieving effective risk management and continuous compliance with Deloitte and SAP 2 Deloitte and SAP: collaborating to make GRC work for you Meeting Governance, Risk and Compliance (GRC) requirements
More informationUnderstanding Cyber Insurance & Regulatory Drivers for Business Continuity
Understanding Cyber Insurance & Regulatory Drivers for Business Continuity Lily Yeoh, CISSP, CBCP lily@cb1security.com https://www.cb1security.com Agenda BC/DR Business Drivers Recent Regulatory & Cyber
More informationHow to get the Enterprise to Understand the Value of Security
PART 1 of 2 Insight into Security Leader Success How to get the Enterprise to Understand the Value of Security A SEC Research Finding Intended Audience This presentation is intended for security leaders
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationSecurity Awareness Training Courses
Security Awareness Training Courses Trusted Advisor for All Your Information Security Needs ZERODAYLAB Security Awareness Training Courses 75% of large organisations were subject to a staff-related security
More informationBig data privacy in Australia
Five-article series Big data privacy in Australia Three actions you can take towards compliance Article 5 Big data and privacy Three actions you can take towards compliance There are three actions that
More informationThe UNISDR Private Sector Alliance for Disaster Resilient Societies
The UNISDR Private Sector Alliance for Disaster Resilient Societies Sandra Amlang United Nations Office for Disaster Risk Reduction (UNISDR) Regional Office- the Americas. 24 August 2017 Increase in Frequency
More informationRSA Advanced Cyber Defence Summit
Lee Edge Head Archer Business UK&I RSA Advanced Cyber Defence Summit London 30-April-2015 1 64% 8% 2014 Gartner CEO and Senior Executive Survey: 'Risk-On' Attitudes Will Accelerate Digital Business. 2
More informationErvia Risk Management. Elaine O Donoghue IPA Governance Forum Briefing 10 th November 2017
Ervia Risk Management Elaine O Donoghue IPA Governance Forum Briefing 10 th November 2017 Ervia Overview - Our Structure Our customer facing businesses, Gas Networks Ireland and Irish Water, are supported
More informationNERC Staff Organization Chart
NERC Staff Organization Chart President and CEO Administrative Associate Director to the Office of the CEO Associate Director, Member Relations and MRC Secretary Senior Vice President and Chief Reliability
More informationGOVERNANCE, RISK & COMPLIANCE CPD FOR MEMBERS IN COMMERCE & INDUSTRY AUGUST 2018
GOVERNANCE, RISK & COMPLIANCE CPD FOR MEMBERS IN COMMERCE & INDUSTRY AUGUST 2018 1 GRC - INTRODUCTION A growing regulatory environment, higher business complexity and increased focus on accountability
More informationImproving Data Governance in Your Organization. Faire Co Regional Manger, Information Management Software, ASEAN
Improving Data Governance in Your Organization Faire Co Regional Manger, Information Management Software, ASEAN Topics The Innovation Imperative and Innovating with Information What Is Data Governance?
More informationFFIEC Cyber Security Assessment Tool. Overview and Key Considerations
FFIEC Cyber Security Assessment Tool Overview and Key Considerations Overview of FFIEC Cybersecurity Assessment Tool Agenda Overview of assessment tool Review inherent risk profile categories Review domain
More informationHow Secure is Blockchain? June 6 th, 2017
How Secure is Blockchain? June 6 th, 2017 Before we get started... This is a 60 minute webcast For better viewing experience, close all other applications For better sound quality, please use headphones
More informationWhat every IT professional needs to know about penetration tests
What every IT professional needs to know about penetration tests 24 th April, 2014 Geraint Williams IT Governance Ltd www.itgovernance.co.uk Overview So what do IT Professionals need to know about penetration
More informationREPORT 2015/186 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/186 Audit of information and communications technology operations in the Secretariat of the United Nations Joint Staff Pension Fund Overall results relating to the effective
More informationDefining the Challenges and Solutions. Resiliency Model. A Holistic Approach to Risk Management. Discussion Outline
Resiliency Model A Holistic Approach to Risk Management Discussion Outline Defining the Challenges and Solutions The Underlying Concepts of Our Approach Outlining the Resiliency Model (RM) Next Steps The
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationIT Audit Process. Prof. Mike Romeu. January 30, IT Audit Process. Prof. Mike Romeu
January 30, 2017 1 Corporate Structures Shareholders Governance Level: Board of Directors External Director CFO CEO Legal Counsel External Director Responsible for: Evaluate Direct Monitor Internal Directors
More informationSwedish bank overcomes regulatory hurdles and embraces the cloud to foster innovation
Think Cloud Compliance Case Study Swedish bank overcomes regulatory hurdles and embraces the cloud to foster innovation Customer details : Collector Bank - Sweden 329 employees www.collector.se/en Banking
More informationThe Etihad Journey to a Secure Cloud
SESSION ID: CCS-T07 The Etihad Journey to a Secure Cloud Georges de Moura Head of Group Information Security, Risk & Compliance Etihad Aviation Group History: Before The Cloud Devolved IT Decision-Making
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationHow will cyber risk management affect tomorrow's business?
How will cyber risk management affect tomorrow's business? The "integrated" path towards continuous improvement of information security Cyber Risk as a Balance Sheet Risk exposing Board and C-Levels 2018
More informationGain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services
Solution Overview Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services OPTIMIZE YOUR CLOUD SERVICES TO DRIVE BETTER BUSINESS OUTCOMES Reduce Cloud Business Risks and Costs
More informationReference Framework for the FERMA Certification Programme
Brussels, 23/07/2015 Dear Sir/Madam, Subject: Invitation to Tender Reference Framework for the FERMA Certification Programme Background The Federation of European Risk Management Associations (FERMA) brings
More informationSession Summary. Data maturity models EA Data Maturity Model Quiz (after each section) 20 mins break (after security)
Session Summary Data maturity models EA Data Maturity Model Quiz (after each section) 20 mins break (after security) EA maturity model cont. Having the right team Communicating the results Data Integrity
More informationHow to Underpin Security Transformation With Complete Visibility of Your Attack Surface
How to Underpin Security Transformation With Complete Visibility of Your Attack Surface YOU CAN T SECURE WHAT YOU CAN T SEE There are many reasons why you may be considering or engaged in a security transformation
More informationMDM and Data Governance
2 0 1 5 Amadeus I T Group SA MDM and Data Governance June 2015 Jean-Michel Collomb Agenda _ Overview of Amadeus _ History of MDM and DG in Amadeus _ The Data Governance Committee _ The MDM Program 3 10
More informationTechAdvantage March 5, Mark Peterson Supervisor of Operations Engineering. Ron Schmitz Manager of Information Services
TechAdvantage March 5, 2014 Mark Peterson Supervisor of Operations Engineering Ron Schmitz Manager of Information Services Agenda Great River Energy Overview Background on SCADA Background on IT Functions
More informationA Disciplined Approach to Cyber Security Transformation
A Disciplined Approach to Cyber Security Transformation Information Protection and Business Resiliency December 2014 Key takeaways from today s cyber security discussion 1. Our colleagues are not waving
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationBHConsulting. Your trusted cybersecurity partner
Your trusted cybersecurity partner BH Consulting Securing your business BH Consulting is an award-winning, independent provider of cybersecurity consulting and information security advisory services. Recognised
More informationThe University of Queensland
UQ Cyber Security Strategy 2017-2020 NAME: UQ Cyber Security Strategy DATE: 21/07/2017 RELEASE:0.2 Final AUTHOR: OWNER: CLIENT: Marc Blum Chief Information Officer Strategic Information Technology Council
More informationNew Zealand Government IBM Infrastructure as a Service
New Zealand Government IBM Infrastructure as a Service A world class agile cloud infrastructure designed to provide quick access to a security-rich, enterprise-class virtual server environment. 2 New Zealand
More informationIntroduction. When it comes to GDPR compliance, is OK for now enough? Minds made for protecting financial services
When it comes to GDPR compliance, is OK for now enough? EY CertifyPoint s GDPR certification process will help you achieve and demonstrate compliance. Minds made for protecting financial services Introduction
More informationISO 55001: 2014 Asset Management System 5-Day Training Course (IAM Certified)
ISO 55001: 2014 Asset Management System 5-Day Training Course (IAM Certified) TÜV SÜD Introduction ISO 55001: 2014 is a newly released best practice standard for asset management. This standard helps to
More information