Importance of the Data Management process in setting up the GDPR within a company CREOBIS

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Importance of the Data Management process in setting up the GDPR within a company CREOBIS"

Transcription

1 Importance of the Data Management process in setting up the GDPR within a company CREOBIS 1 Alain Cieslik

2 Personal Data is the oil of the digital world 2 Alain Cieslik

3 Personal information comes in different forms & media. 3

4 Personal information comes in different forms & media. Personal Data Non-Structured Semi-structured Excel / Word / Powerpoint Picture / Video / Sound Paper / Chat Social Network Search Engine Web page XML JSON NOSQL Structured Database 4

5 IT Ecosystem for personal data Data Center Cloud Big Data Applications Databases File servers Mainframes Data warehouse IaaS Paas SaaS Data Lake NoSql Hadoop 5

6 IT Ecosystem for personal data: File systems Documents 6

7 IT Ecosystem for personal data: Databases Privacy by design Art 25. Data Protection by design Art 32. Security of processing 7

8 IT Ecosystem for personal data: Modern Data warehouse 8

9 Manage Personal Data lifecycle 9

10 Personal information comes in a lot of different forms & media. IT Ecosystem for personal data is complex Manage Personal Data lifecycle 10

11 Data Management Overview 11 Alain Cieslik

12 Data Management Overview Guiding Principles 1. Data and information are valuable enterprise assets. 2. Manage data and information carefully, like any other asset, by ensuring adequate quality, security, integrity, protection, availability, understanding, and effective use. 3. Share responsibility for data management between business data stewards (trustees of data assets) and data management professionals (expert custodians of data assets). 4. Data management is a business Knowledge Area and a set of related disciplines. 5. Data management is also an emerging and maturing profession with the IT field. 12

13 Data Management Overview Knowledge Areas (KAs) 1. Data Governance 2. Data Architecture 3. Data Modeling and Design 4. Data Storage and Operations 5. Data Security 6. Reference and Master Data 7. Data Warehousing and Business Intelligence 8. Data Integration and Interoperability 9. Documents and Content 10. Metadata 11. Data Quality 13

14 Data Management Overview General Context Diagram Definition What is the Knowledge Area? Goals What does the Knowledge Area accomplish? Why does the Knowledge Area exist? Activities What are the Knowledge Area s tasks that accomplish the goals? Inputs What do the Knowledge Area s tasks use? Suppliers Who provides the inputs to the Knowledge Area s tasks? Responsible Who is performs the Knowledge Area? Tools What tools do the Knowledge Area s tasks use? Deliverables What does the Knowledge Area deliver? Consumers Who uses the primary deliverables? Stakeholders Who has an interest in the Knowledge Area s success? Metrics What is used to measure the Knowledge Area s success? 14

15 15 Alain Cieslik

16 Art 5. Principles relating to processing of personal data 16 Alain Cieslik

17 Art 5. Principles relating to processing of personal data Lawfulness, fairness and transparency Purpose limitation Data minimisation Accuracy Storage limitation Integrity & confidentiality Accountability 17

18 Art 5. Principles relating to processing of personal data Principles Governance Quality Metadata Security lawfulness, fairness and transparency purpose limitation data minimisation accuracy storage limitation integrity and confidentiality 18

19 DMBOK2 - Key Areas 19 Alain Cieslik

20 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Data Governance and Stewardship Goals 1. Define, approve, communicate, and implement principles, policies, procedures, metrics, tools, and responsibilities for data management. 2. Track and enforce compliance to regulatory and internal data policies. 3. Monitor and guide data usage and management activities. Activities 1. Define Data Governance for the organization 2. Define the Operating Framework 3. Create and implement data principles and policies 4. Define roles 5. Implement and sustain 20

21 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Goals of Business Cultural Development Goals 1. To define a data-centric organization 2. To understand how business culture development supports data governance 3. To define change management activities that can support data management and business culture alignment 4. To highlight the need for communication and training in data management activities Activities 1. Create a data-centric organization 2. Develop organizational touchpoints 3. Develop data-centric culture controls 21

22 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Data in the Cloud Goals 1. Define, contract, implement, and monitor cloud based data management areas of programs. 2. Define implement/contract, monitor and report SLAs on internal and external data stores. Activities 1. Assess organizational readiness 2. Define cloud and outsourcing requirements for the organization 3. Define and execute contracting requirements 4. Select and execute cloud infrastructure vendor environment 5. Develop security rules and ETL/capture data change (CDC) code 6. Operationalize cloud data activities 7. Report on service monitoring 22

23 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Data Handling Ethics Goals 1. Review Data-Handling Practices 2. Develop the Ethical Data Handling Strategy 3. Communicate and Educate Staff 4. Address Practices Gaps 5. Monitor and Maintain Alignment Activities 1. Review Data-Handling Practices 2. Develop the Ethical Data Handling Strategy 3. Communicate and Educate Staff 4. Address Practices Gaps 5. Monitor and Maintain Alignment 23

24 DMBOK2 Key Areas Data Governance 5. Data Security Definition, planning, development, and execution of security policies and procedures to provide proper authentication, authorization, access, and auditing of data and information assets. Goals 1. Enable appropriate, and prevent inappropriate, access to enterprise data assets. 2. Understand and comply with all relevant regulations and policies for privacy, protection, and confidentiality. 3. Ensure that the privacy and confidentiality needs of all stakeholders are enforced and audited. Activities 1. Identify Relevant Data Security Requirements 2. Define Data Security Policy 3. Define Data Security Standards 4. Assess Current Security Risks 5. Implement Data Security Controls and Procedures 24

25 DMBOK2 Key Areas Data Governance 10. Metadata Planning, Implementation, and control activities to enable access to high quality, integrated metadata Goals 1. Provide organizational understanding of business terms and usage 2. Collect and integrate metadata from diverse sources 3. Provide standard way to access the metadata 4. Ensure metadata quality and security Activities 1. Define the Metadata Strategy 2. Understand Metadata Requirements 3. Define Metadata Architecture 4. Create MetaModel 5. Apply Metadata Standards 6. Manage Metadata Stores 7. Create and Maintain Metadata 8. Integrate Metadata 9. Distribute and Deliver Metadata 10. Query, Report and Analyze Metadata 25

26 DMBOK2 Key Areas Data Governance 11. Data Quality The planning, implementation, and control activities that apply quality management techniques to data, in order to assure it is fit for consumption and business purpose(s). Goals 1. Develop a governed approach to measurably improve the quality of data according to defined business rules. 2. Define requirements and specifications for integrating data quality control into the system development lifecycle. 3. Define and implement processes for measuring, monitoring, and reporting conformance to acceptable levels of data quality. Activities 1. Create a Data Quality Culture 2. Perform Preliminary Data Quality Assessment 3. Define Data Quality Requirements 4. Assess Data Quality 5. Develop and Deploy Data Quality Operations 6. Measure and Monitor Data Quality 26

27 DMBOK2 Key Areas Data Governance Phase 1 Acquire data capabilities Data Security Data Storage & Operations Data Modeling and Design Data integration & interoperability Phase 2 Improve data quality Data Architecture Data Quality Metadata Phase 3 Setup data governance Data Governance Data Warehousing Documents & Contents Reference & Master Data Phase 4 Advanced analytic capabilities Data Mining Data Analytics Big Data DMBook 2.0: Purchase or Built database capability 27

28 Summary of GDPR and Information Governance 28 Alain Cieslik

29 Summary of GDPR and Information Governance Risk & Penalties Mitigation Risk based approach to data protection Principle driven Extra territoriality Fines as % of Global turnover Increased Penalties Core principles 1. lawfulness, fairness and transparency 2. purpose limitation 3. data minimisation 4. accuracy 5. storage limitation 6. integrity and confidentiality 7. accountability Data Management Mitigating factors 29

30 Summary of GDPR and Information Governance Respect privacy 30

31 Summary of GDPR and Information Governance Core principles 1. lawfulness, fairness and transparency 2. purpose limitation 3. data minimisation 4. accuracy 5. storage limitation 6. integrity and confidentiality 7. accountability Data Management Data protection officer Documentation Evidence of effectiveness Privacy by design Oversee & Govern Plan & Build Do & Manage Engage & Respond Respect privacy 31

32 Summary of GDPR and Information Governance Risk & Penalties Mitigation Risk based approach to data protection Principle driven Extra territoriality Fines as % of Global turnover Increased Penalties Core principles 1. lawfulness, fairness and transparency 2. purpose limitation 3. data minimisation 4. accuracy 5. storage limitation 6. integrity and confidentiality 7. accountability Explicit focus on Data Management Data protection officer Documentation Evidence of effectiveness Oversee & Govern Plan & Build Do & Manage Mitigating factors Privacy by design Engage & Respond Respect privacy 32

33 In conclusion Ø Data is a company asset that need to be managed Ø Do not underestimate the complexity of managing data Ø A lot of different type of format and media Ø A complex ecosystem Ø The challenge of managing the full data lifecycle Ø Data Management Frameworks can help you in this journey Ø Data Management requires an entreprise perspective Ø GDPR is a fantastic opportunity to improve the data management in your company 33

34 34

35 References o o o o o dc38047f3496&v=&b=&from_search=12 35

Security and Privacy Governance Program Guidelines

Security and Privacy Governance Program Guidelines Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by

More information

Data Governance Central to Data Management Success

Data Governance Central to Data Management Success Data Governance Central to Data Success International Anne Marie Smith, Ph.D. DAMA International DMBOK Editorial Review Board Primary Contributor EWSolutions, Inc Principal Consultant and Director of Education

More information

The Data Governance Journey at Principal

The Data Governance Journey at Principal The Data Governance Journey at Principal DAMA Iowa Meeting 9/20/2016 Andrea Jackson, IT Business Analyst, Sr. Sarah Playle, AD Data Quality & Governance Data governance anyone? Agenda Background Business

More information

Accelerate GDPR compliance with the Microsoft Cloud

Accelerate GDPR compliance with the Microsoft Cloud Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Accelerate GDPR compliance with

More information

Best Practices in Enterprise Data Governance

Best Practices in Enterprise Data Governance Best Practices in Enterprise Data Governance Scott Gidley and Nancy Rausch, SAS WHITE PAPER SAS White Paper Table of Contents Introduction.... 1 Data Governance Use Case and Challenges.... 1 Collaboration

More information

Data Governance Quick Start

Data Governance Quick Start Service Offering Data Governance Quick Start Congratulations! You ve been named the Data Governance Leader Now What? Benefits Accelerate the initiation of your Data Governance program with an industry

More information

Data Management and Security in the GDPR Era

Data Management and Security in the GDPR Era Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini

More information

GDPR: A technical perspective from Arkivum

GDPR: A technical perspective from Arkivum GDPR: A technical perspective from Arkivum Under the GDPR, you have a general obligation to implement technical and organisational measures to show that you have considered and integrated data protection

More information

Addressing GDPR Compliance Using Oracle Data Integration and Data Governance Solutions O R A C L E W H I T E P A P E R D E C E M B E R

Addressing GDPR Compliance Using Oracle Data Integration and Data Governance Solutions O R A C L E W H I T E P A P E R D E C E M B E R Addressing GDPR Compliance Using Oracle Data Integration and Data Governance Solutions O R A C L E W H I T E P A P E R D E C E M B E R 2 0 1 7 Disclaimer The purpose of this document is to help organizations

More information

CISM Certified Information Security Manager

CISM Certified Information Security Manager CISM Certified Information Security Manager Firebrand Custom Designed Courseware Logistics Start Time Breaks End Time Fire escapes Instructor Introductions Introduction to Information Security Management

More information

CISM - Certified Information Security Manager. Course Outline. CISM - Certified Information Security Manager.

CISM - Certified Information Security Manager. Course Outline. CISM - Certified Information Security Manager. Course Outline CISM - Certified Information Security Manager 20 Nov 2017 Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number of Questions 4. Expert Instructor-Led

More information

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

Charting the Course... Certified Information Systems Auditor (CISA) Course Summary Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business

More information

Helping Address GDPR Compliance Using Oracle Security Solutions ORACLE WHITE PAPER SEPTEMBER 2017

Helping Address GDPR Compliance Using Oracle Security Solutions ORACLE WHITE PAPER SEPTEMBER 2017 Helping Address GDPR Compliance Using Oracle Security Solutions ORACLE WHITE PAPER SEPTEMBER 2017 Disclaimer The purpose of this document is to help organizations understand how Oracle security solutions

More information

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant

More information

Data Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016

Data Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016 Data Protection Practical Strategies for Getting it Right Jamie Ross Data Security Day June 8, 2016 Agenda 1) Data protection key drivers and the need for an integrated approach 2) Common challenges data

More information

Google Cloud & the General Data Protection Regulation (GDPR)

Google Cloud & the General Data Protection Regulation (GDPR) Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to

More information

EU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?

EU GDPR and  . The complete text of the EU GDPR can be found at  What is GDPR? EU GDPR and Email The EU General Data Protection Regulation (GDPR) is the new legal framework governing the use of the personal data of European Union (EU) citizens across all EU markets. It replaces existing

More information

University of Texas Arlington Data Governance Program Charter

University of Texas Arlington Data Governance Program Charter University of Texas Arlington Data Governance Program Charter Document Version: 1.0 Version/Published Date: 11/2016 Table of Contents 1 INTRODUCTION... 3 1.1 PURPOSE OF THIS DOCUMENT... 3 1.2 SCOPE...

More information

The Value of Force.com as a GRC Platform

The Value of Force.com as a GRC Platform The Value of Force.com as a GRC Platform Andy Evans - Xactium Limited March 2009 Executive Summary The importance of governance, risk and compliance (GRC) activities to organizations has become increasingly

More information

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions Getting ready for GDPR Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions GDPR Background Single EU-wide Regulation Harmonizes Global User Data Protection across

More information

MAPR DATA GOVERNANCE WITHOUT COMPROMISE

MAPR DATA GOVERNANCE WITHOUT COMPROMISE MAPR TECHNOLOGIES, INC. WHITE PAPER JANUARY 2018 MAPR DATA GOVERNANCE TABLE OF CONTENTS EXECUTIVE SUMMARY 3 BACKGROUND 4 MAPR DATA GOVERNANCE 5 CONCLUSION 7 EXECUTIVE SUMMARY The MapR DataOps Governance

More information

Isaca EXAM - CISM. Certified Information Security Manager. Buy Full Product.

Isaca EXAM - CISM. Certified Information Security Manager. Buy Full Product. Isaca EXAM - CISM Certified Information Security Manager Buy Full Product http://www.examskey.com/cism.html Examskey Isaca CISM exam demo product is here for you to test the quality of the product. This

More information

BRINGING DATA LINEAGE TO YOUR FINGERTIPS

BRINGING DATA LINEAGE TO YOUR FINGERTIPS DATA INTELLIGENCE ASG TECHNOLOGIES LINEAGE APPLIANCE Tailor Data Lineage to Your Enterprise Embed Data Lineage from ASG s Enterprise Data Intelligence Solution Wherever You Need It BRINGING DATA LINEAGE

More information

EXAM PREPARATION GUIDE

EXAM PREPARATION GUIDE EXAM PREPARATION GUIDE PECB Certified Data Protection Officer The objective of the PECB Certified Data Protection Officer examination is to ensure that the candidate has acquired the knowledge and skills

More information

CHALLENGES GOVERNANCE INTEGRATION SECURITY

CHALLENGES GOVERNANCE INTEGRATION SECURITY CLOUD SERVICES The adoption and migration to the cloud is rooted in the need for speed and flexibility in creating and managing services. These benefits are often impacted by the difficulty of enterprises

More information

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015 Cloud Computing Standard Effective Date: July 28, 2015 1.1 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually

More information

Applying LIS Disciplines to the DMBOK Knowledge Areas. Susan Von Fruke, MLIS Federal Reserve Bank of Minneapolis

Applying LIS Disciplines to the DMBOK Knowledge Areas. Susan Von Fruke, MLIS Federal Reserve Bank of Minneapolis Applying LIS Disciplines to the DMBOK Knowledge Areas Susan Von Fruke, MLIS Federal Reserve Bank of Minneapolis Speaker bio 25+ year career with experience in database administration, data architecture,

More information

Practical Guide to Hybrid Cloud Computing. Cloud-Computing.

Practical Guide to Hybrid Cloud Computing.  Cloud-Computing. Practical Guide to Hybrid Cloud Computing http://www.cloud-council.org/deliverables/cscc-practical-guide-to-hybrid- Cloud-Computing.pdf April 21, 2016 The Cloud Standards Customer Council THE Customer

More information

Modern Database Architectures Demand Modern Data Security Measures

Modern Database Architectures Demand Modern Data Security Measures Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing

More information

Disruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise

Disruptive Technologies Legal and Regulatory Aspects. 16 May 2017 Investment Summit - Swiss Gobal Enterprise Disruptive Technologies Legal and Regulatory Aspects 16 May 2017 Investment Summit - Swiss Gobal Enterprise Legal and Regulatory Framework in Switzerland Legal and regulatory Framework: no laws or provisions

More information

10 Considerations for a Cloud Procurement. March 2017

10 Considerations for a Cloud Procurement. March 2017 10 Considerations for a Cloud Procurement March 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents

More information

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Suite and the OCEG Capability Model Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Contents Introduction... 2 GRC activities... 2 BPS and the Capability Model for GRC...

More information

DRI: Preservation Planning Case Study Getting Started in Digital Preservation Digital Preservation Coalition November 2013 Dublin, Ireland

DRI: Preservation Planning Case Study Getting Started in Digital Preservation Digital Preservation Coalition November 2013 Dublin, Ireland DRI: Preservation Planning Case Study Getting Started in Digital Preservation Digital Preservation Coalition November 2013 Dublin, Ireland Dr Aileen O Carroll Policy Manager Digital Repository of Ireland

More information

Best Practices in Securing a Multicloud World

Best Practices in Securing a Multicloud World Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers

More information

HCL GRC IT AUDIT & ASSURANCE SERVICES

HCL GRC IT AUDIT & ASSURANCE SERVICES HCL GRC IT AUDIT & ASSURANCE SERVICES Overview The immense progress made in information and communications technology offers enterprises outstanding benefits. However this also results in making the risk

More information

Information Security. How to be GDPR compliant? 08/06/2017

Information Security. How to be GDPR compliant? 08/06/2017 Information Security How to be GDPR compliant? CREOBIS 08/06/2017 1 Alain Cieslik What Is the Difference Between Security and Privacy? Security: The primary goal of InfoSec is to protect confidentiality,

More information

<< Practice Test Demo - 2PassEasy >> Exam Questions CISM. Certified Information Security Manager. https://www.2passeasy.

<< Practice Test Demo - 2PassEasy >> Exam Questions CISM. Certified Information Security Manager. https://www.2passeasy. Exam Questions CISM Certified Information Security Manager https://www.2passeasy.com/dumps/cism/ 1.Senior management commitment and support for information security can BEST be obtained through presentations

More information

Run the business. Not the risks.

Run the business. Not the risks. Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.

More information

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary

More information

Quality Assurance and IT Risk Management

Quality Assurance and IT Risk Management Quality Assurance and IT Risk Deutsche Bank s QA and Testing Transformation Journey Michael Venditti Head of Enterprise Testing Services, Deutsche Bank IT RISK - REGULATORY GOVERNANCE Major shifts in the

More information

Security Readiness Assessment

Security Readiness Assessment Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS

More information

Certified Information Security Manager (CISM) Course Overview

Certified Information Security Manager (CISM) Course Overview Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,

More information

Navigating the Clouds Fortifying ITIL for Cloud Governance

Navigating the Clouds Fortifying ITIL for Cloud Governance Navigating the Clouds Fortifying ITIL for Cloud Governance DECEMBER 2011 Cloud adoption promises to be an interesting journey for an enterprise with its luring benefits of on-demand models enabling faster

More information

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018 2018 Study on

More information

SOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions

SOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions SOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions DISCLAIMER: The contents of this publication do not necessarily reflect the position or opinion of the American

More information

Guidance Solvency II data quality management by insurers

Guidance Solvency II data quality management by insurers Guidance Solvency II data quality management by insurers De Nederlandsche Bank N.V. Guidance Solvency II data quality management by insurers Guidance document of De Nederlandsche Bank N.V., dated 1 September

More information

PERSPECTIVE. Effective Data Governance. Abstract

PERSPECTIVE. Effective Data Governance. Abstract PERSPECTIVE Effective Governance Abstract governance is no more just another item that is good to talk about and nice to have, for global data management organizations. This PoV looks into why data governance

More information

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer Modelos de Negócio na Era das Clouds André Rodrigues, Cloud Systems Engineer Agenda Software and Cloud Changed the World Cisco s Cloud Vision&Strategy 5 Phase Cloud Plan Before Now From idea to production:

More information

Cybersecurity Auditing in an Unsecure World

Cybersecurity Auditing in an Unsecure World About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity

More information

THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE

THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE THE NEW EU DATA PROTECTION REGULATION: WHAT IS IT AND WHAT DO WE NEED TO DO? KALLIOPI SPYRIDAKI CHIEF PRIVACY STRATEGIST, EUROPE EU DATA PROTECTION REGULATION Kalliopi Spyridaki Chief Privacy Strategist,

More information

AT&T Endpoint Security

AT&T Endpoint Security AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction

More information

HIPAA Compliance Checklist

HIPAA Compliance Checklist HIPAA Compliance Checklist Hospitals, clinics, and any other health care providers that manage private health information today must adhere to strict policies for ensuring that data is secure at all times.

More information

Security in India: Enabling a New Connected Era

Security in India: Enabling a New Connected Era White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile

More information

Building a Secure and Compliant Cloud Infrastructure. Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc.

Building a Secure and Compliant Cloud Infrastructure. Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc. Building a Secure and Compliant Cloud Infrastructure Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc. Why Are We Here? Expanded Enterprise Data access anywhere, anytime

More information

IT MANAGEMENT AND THE GDPR: THE VMWARE PERSPECTIVE

IT MANAGEMENT AND THE GDPR: THE VMWARE PERSPECTIVE TRANSFORM SECURITY DATA PROTECTION SOLUTION OVERVIEW IT MANAGEMENT AND THE GDPR: THE VMWARE PERSPECTIVE Introduction This Solution Overview is intended for IT personnel interested in the VMware perspective

More information

Government Data Center Modernization

Government Data Center Modernization Government Data Center Modernization Service Standards Focus Group Discussion 13 March 2017 Table of Contents Welcome and Introduction What are standards and their need Key challenges Standard functional

More information

A practical approach towards Big Data in the context of the upcoming EU data privacy and data protection regulation.

A practical approach towards Big Data in the context of the upcoming EU data privacy and data protection regulation. A practical approach towards Big Data in the context of the upcoming EU data privacy and data protection regulation SAS Forum 2015 Privacy What s ongoing? Safe Harbour EU - GDPR White house NL Data Breach

More information

Accelerate your Azure Hybrid Cloud Business with HPE. Ken Won, HPE Director, Cloud Product Marketing

Accelerate your Azure Hybrid Cloud Business with HPE. Ken Won, HPE Director, Cloud Product Marketing Accelerate your Azure Hybrid Cloud Business with HPE Ken Won, HPE Director, Cloud Product Marketing Mega trend: Customers are increasingly buying cloud services from external service providers Speed of

More information

API MANAGEMENT WITH WEBMETHODS

API MANAGEMENT WITH WEBMETHODS API MANAGEMENT WITH WEBMETHODS Subhash Ramachandran SVP, Product Management & Marketing DIGITAL TRANSFORMATION #WITHOUTCOMPROMISE 2017 Software AG. All rights reserved. WEBMETHODS API MANAGEMENT PLATFORM

More information

A Practical Look into GDPR for IT

A Practical Look into GDPR for IT Andrea Pasquinucci, March 2017 pag. 1 / 7 A Practical Look into GDPR for IT Part 1 Abstract This is the first article in a short series about the new EU General Data Protection Regulation (GDPR) looking,

More information

Certified Information Systems Auditor (CISA)

Certified Information Systems Auditor (CISA) Certified Information Systems Auditor (CISA) 1. Domain 1 The Process of Auditing Information Systems Provide audit services in accordance with IT audit standards to assist the organization in protecting

More information

Privacy hacking & Data Theft

Privacy hacking & Data Theft Privacy hacking & Data Theft Cloud Computing risks & the Patricia A RoweSeale CIA, CISA, CISSP, CRISC, CRMA The IIA (Barbados Chapter) Internal Audit Portfolio Director CIBC FirstCaribbean Objectives Cloud

More information

WORKSHARE SECURITY OVERVIEW

WORKSHARE SECURITY OVERVIEW WORKSHARE SECURITY OVERVIEW April 2016 COMPANY INFORMATION Workshare Security Overview Workshare Ltd. (UK) 20 Fashion Street London E1 6PX UK Workshare Website: www.workshare.com Workshare Inc. (USA) 625

More information

CA ERwin Data Modeler r9 Rick Alaras N.A. Channel Account Manager

CA ERwin Data Modeler r9 Rick Alaras N.A. Channel Account Manager ERwin r9 CA ERwin Data Modeler r9 Rick Alaras N.A. Channel Account Manager In today s data-driven economy, there is an increasing disconnect between consumers and providers of data DATA VOLUMES INCREASING

More information

WHITE PAPER. Title. Managed Services for SAS Technology

WHITE PAPER. Title. Managed Services for SAS Technology WHITE PAPER Hosted Title Managed Services for SAS Technology ii Contents Performance... 1 Optimal storage and sizing...1 Secure, no-hassle access...2 Dedicated computing infrastructure...2 Early and pre-emptive

More information

for TOGAF Practitioners Hands-on training to deliver an Architecture Project using the TOGAF Architecture Development Method

for TOGAF Practitioners Hands-on training to deliver an Architecture Project using the TOGAF Architecture Development Method Course Syllabus for 3 days Expert led Enterprise Architect hands-on training "An Architect, in the subtlest application of the word, describes one able to engage and arrange all elements of an environment

More information

Internal Audit Report. Electronic Bidding and Contract Letting TxDOT Office of Internal Audit

Internal Audit Report. Electronic Bidding and Contract Letting TxDOT Office of Internal Audit Internal Audit Report Electronic Bidding and Contract Letting TxDOT Office of Internal Audit Objective Review of process controls and service delivery of the TxDOT electronic bidding process. Opinion Based

More information

DATA GOVERNANCE LEADS TO DATA QUALITY

DATA GOVERNANCE LEADS TO DATA QUALITY DATA GOVERNANCE LEADS TO DATA QUALITY Trending. Kash Mehdi Senior Product Specialist and Instructor May 3, 2017 1 Collibra 2017 2017 Collibra Inc How Many of Your Reports Have Good Data Quality? What would

More information

How Secure is Blockchain? June 6 th, 2017

How Secure is Blockchain? June 6 th, 2017 How Secure is Blockchain? June 6 th, 2017 Before we get started... This is a 60 minute webcast For better viewing experience, close all other applications For better sound quality, please use headphones

More information

GRC SURVEY RESULT Please indicate your profession

GRC SURVEY RESULT Please indicate your profession COPENHAGEN?=! CO?=! MPLIANCE T o p i c a l a n d T i m e l y Riskability GRC Controllers Governance, Risk & Compliance COPENHAGEN?=! CHARTER Bribery, Fraud & Corruption GRC SURVEY RESULT. Please indicate

More information

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.

More information

E-guide CISSP Prep: 4 Steps to Achieve Your Certification

E-guide CISSP Prep: 4 Steps to Achieve Your Certification CISSP Prep: 4 Steps to Achieve Your Certification Practice for the exam and keep your skills sharp : Thank you for downloading our CISSP certification guide. Aside from this handy PDF, you can also access

More information

Chapter 8: SDLC Reviews and Audit Learning objectives Introduction Role of IS Auditor in SDLC

Chapter 8: SDLC Reviews and Audit Learning objectives Introduction Role of IS Auditor in SDLC Chapter 8: SDLC Reviews and Audit... 2 8.1 Learning objectives... 2 8.1 Introduction... 2 8.2 Role of IS Auditor in SDLC... 2 8.2.1 IS Auditor as Team member... 2 8.2.2 Mid-project reviews... 3 8.2.3 Post

More information

Workday s Robust Privacy Program

Workday s Robust Privacy Program Workday s Robust Privacy Program Workday s Robust Privacy Program Introduction Workday is a leading provider of enterprise cloud applications for human resources and finance. Founded in 2005 by Dave Duffield

More information

EXAM PREPARATION GUIDE

EXAM PREPARATION GUIDE EXAM PREPARATION GUIDE PECB Certified ISO 50001 Lead Auditor The objective of the PECB Certified ISO 50001 Lead Auditor examination is to ensure that the candidate has the knowledge and skills to plan

More information

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help WHITE PAPER The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help ii Contents Personal Data Defined... 1 Why the GDPR Is Such a Big Deal... 2 Are You Ready?...

More information

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution

More information

City as a Platform: From Vision to Reality

City as a Platform: From Vision to Reality 1 City as a Platform: From Vision to Reality Nik Willetts CEO, TM Forum 2017 TM Forum 1 2 Cities as Collections of Ecosystems 2017 TM Forum 2 3 2017 TM Forum 3 Maslow s Hierarchy of Needs Self actualization:

More information

FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY

FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY The Foundation Certificate in Information Security (FCIS) course is designed to provide

More information

New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief

New York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief Publication Date: March 10, 2017 Requirements for Financial Services Companies (23NYCRR 500) Solution Brief EventTracker 8815 Centre Park Drive, Columbia MD 21045 About EventTracker EventTracker s advanced

More information

Enterprise GRC Implementation

Enterprise GRC Implementation Enterprise GRC Implementation Our journey so far implementation observations and learning points Derek Walker Corporate Risk Manager National Grid 1 Introduction to National Grid One of the world s largest

More information

State HIE Strategic and Operational Plan Emerging Models. February 16, 2011

State HIE Strategic and Operational Plan Emerging Models. February 16, 2011 State HIE Strategic and Operational Plan Emerging Models February 16, 2011 Goals and Objectives The State HIE emerging models can be useful in a wide variety of ways, both within the ONC state-level HIE

More information

Informatica Data Quality Product Family

Informatica Data Quality Product Family Brochure Informatica Product Family Deliver the Right Capabilities at the Right Time to the Right Users Benefits Reduce risks by identifying, resolving, and preventing costly data problems Enhance IT productivity

More information

Delivering Complex Enterprise Applications via Hybrid Clouds

Delivering Complex Enterprise Applications via Hybrid Clouds Whitepaper Delivering Complex Enterprise Applications via Hybrid Clouds As enterprises and industries shake off the effects of the last recession, the focus of IT organizations has shifted from one marked

More information

Optim. Optim Solutions for Data Governance. R. Kudžma Information management technical sales

Optim. Optim Solutions for Data Governance. R. Kudžma Information management technical sales Optim Solutions for Data Governance R. Kudžma Information management technical sales kudzma@lt.ibm.com IBM Software Group 10/23/2009 2008 IBM Corporation What is Data Governance Data Governance is the

More information

E-guide Getting your CISSP Certification

E-guide Getting your CISSP Certification Getting your CISSP Certification Intro to the 10 CISSP domains of the Common Body of Knowledge : The Security Professional (CISSP) is an information security certification that was developed by the International

More information

SIGS AFTERWORK EVENT. Security: which operational model for which scenario. Hotel Warwick - Geneva

SIGS AFTERWORK EVENT. Security: which operational model for which scenario. Hotel Warwick - Geneva SIGS AFTERWORK EVENT Security: which operational model for which scenario Hotel Warwick - Geneva Johny Gasser Information Security & Compliance Officer (for a global customer) Orange Business Services

More information

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services Solution Overview Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services OPTIMIZE YOUR CLOUD SERVICES TO DRIVE BETTER BUSINESS OUTCOMES Reduce Cloud Business Risks and Costs

More information

AVOIDING SILOED DATA AND SILOED DATA MANAGEMENT

AVOIDING SILOED DATA AND SILOED DATA MANAGEMENT AVOIDING SILOED DATA AND SILOED DATA MANAGEMENT Dalton Cervo Author, Consultant, Data Management Expert March 2016 This presentation contains extracts from books that are: Copyright 2011 John Wiley & Sons,

More information

FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION

FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION The process of planning and executing SQL Server migrations can be complex and risk-prone. This is a case where the right approach and

More information

Cloud-Security: Show-Stopper or Enabling Technology?

Cloud-Security: Show-Stopper or Enabling Technology? Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics

More information

1. You should attempt all 40 questions. Each question is worth one mark.

1. You should attempt all 40 questions. Each question is worth one mark. Sample Paper D Question Booklet Multiple Choice Exam Duration: 60 minutes Instructions 1. You should attempt all 40 questions. Each question is worth one mark. 2. Mark your answers on the answer sheet

More information

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045 Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that

More information

IBM services and technology solutions for supporting GDPR program

IBM services and technology solutions for supporting GDPR program IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment

More information

Security Communications and Awareness

Security Communications and Awareness Security Communications and Awareness elearning OVERVIEW Recent high-profile incidents underscore the need for security awareness training. In a world where your employees are frequently exposed to sophisticated

More information

NPP & Blockchain Have you thought about the data? Ken Krupa, CTO, MarkLogic

NPP & Blockchain Have you thought about the data? Ken Krupa, CTO, MarkLogic NPP & Blockchain Have you thought about the data? Ken Krupa, CTO, MarkLogic Hello SLIDE: 2 14 COPYRIGHT November 2017 MARKLOGIC CORPORATION. ALL RIGHTS RESERVED. A QUICK LOOK New Payments Platform Open

More information

Metadata Management as a Key Component to Data Governance, Data Stewardship, and Data Quality Management. Wednesday, July 20 th 2016

Metadata Management as a Key Component to Data Governance, Data Stewardship, and Data Quality Management. Wednesday, July 20 th 2016 Metadata Management as a Key Component to Data Governance, Data Stewardship, and Data Quality Management Wednesday, July 20 th 2016 Confidential, Datasource Consulting, LLC 2 Multi-Domain Master Data Management

More information

WECC Internal Controls Evaluation Process WECC Compliance Oversight Effective date: October 15, 2017

WECC Internal Controls Evaluation Process WECC Compliance Oversight Effective date: October 15, 2017 WECC Internal Controls Evaluation Process WECC Compliance Oversight Effective date: October 15, 2017 155 North 400 West, Suite 200 Salt Lake City, Utah 84103-1114 WECC Internal Controls Evaluation Process

More information

INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES

INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES 1. INTRODUCTION If you are responsible for maintaining or using

More information

Informatica Enterprise Information Catalog

Informatica Enterprise Information Catalog Data Sheet Informatica Enterprise Information Catalog Benefits Automatically catalog and classify all types of data across the enterprise using an AI-powered catalog Identify domains and entities with

More information