Importance of the Data Management process in setting up the GDPR within a company CREOBIS

Size: px
Start display at page:

Download "Importance of the Data Management process in setting up the GDPR within a company CREOBIS"

Transcription

1 Importance of the Data Management process in setting up the GDPR within a company CREOBIS 1 Alain Cieslik

2 Personal Data is the oil of the digital world 2 Alain Cieslik

3 Personal information comes in different forms & media. 3

4 Personal information comes in different forms & media. Personal Data Non-Structured Semi-structured Excel / Word / Powerpoint Picture / Video / Sound Paper / Chat Social Network Search Engine Web page XML JSON NOSQL Structured Database 4

5 IT Ecosystem for personal data Data Center Cloud Big Data Applications Databases File servers Mainframes Data warehouse IaaS Paas SaaS Data Lake NoSql Hadoop 5

6 IT Ecosystem for personal data: File systems Documents 6

7 IT Ecosystem for personal data: Databases Privacy by design Art 25. Data Protection by design Art 32. Security of processing 7

8 IT Ecosystem for personal data: Modern Data warehouse 8

9 Manage Personal Data lifecycle 9

10 Personal information comes in a lot of different forms & media. IT Ecosystem for personal data is complex Manage Personal Data lifecycle 10

11 Data Management Overview 11 Alain Cieslik

12 Data Management Overview Guiding Principles 1. Data and information are valuable enterprise assets. 2. Manage data and information carefully, like any other asset, by ensuring adequate quality, security, integrity, protection, availability, understanding, and effective use. 3. Share responsibility for data management between business data stewards (trustees of data assets) and data management professionals (expert custodians of data assets). 4. Data management is a business Knowledge Area and a set of related disciplines. 5. Data management is also an emerging and maturing profession with the IT field. 12

13 Data Management Overview Knowledge Areas (KAs) 1. Data Governance 2. Data Architecture 3. Data Modeling and Design 4. Data Storage and Operations 5. Data Security 6. Reference and Master Data 7. Data Warehousing and Business Intelligence 8. Data Integration and Interoperability 9. Documents and Content 10. Metadata 11. Data Quality 13

14 Data Management Overview General Context Diagram Definition What is the Knowledge Area? Goals What does the Knowledge Area accomplish? Why does the Knowledge Area exist? Activities What are the Knowledge Area s tasks that accomplish the goals? Inputs What do the Knowledge Area s tasks use? Suppliers Who provides the inputs to the Knowledge Area s tasks? Responsible Who is performs the Knowledge Area? Tools What tools do the Knowledge Area s tasks use? Deliverables What does the Knowledge Area deliver? Consumers Who uses the primary deliverables? Stakeholders Who has an interest in the Knowledge Area s success? Metrics What is used to measure the Knowledge Area s success? 14

15 15 Alain Cieslik

16 Art 5. Principles relating to processing of personal data 16 Alain Cieslik

17 Art 5. Principles relating to processing of personal data Lawfulness, fairness and transparency Purpose limitation Data minimisation Accuracy Storage limitation Integrity & confidentiality Accountability 17

18 Art 5. Principles relating to processing of personal data Principles Governance Quality Metadata Security lawfulness, fairness and transparency purpose limitation data minimisation accuracy storage limitation integrity and confidentiality 18

19 DMBOK2 - Key Areas 19 Alain Cieslik

20 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Data Governance and Stewardship Goals 1. Define, approve, communicate, and implement principles, policies, procedures, metrics, tools, and responsibilities for data management. 2. Track and enforce compliance to regulatory and internal data policies. 3. Monitor and guide data usage and management activities. Activities 1. Define Data Governance for the organization 2. Define the Operating Framework 3. Create and implement data principles and policies 4. Define roles 5. Implement and sustain 20

21 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Goals of Business Cultural Development Goals 1. To define a data-centric organization 2. To understand how business culture development supports data governance 3. To define change management activities that can support data management and business culture alignment 4. To highlight the need for communication and training in data management activities Activities 1. Create a data-centric organization 2. Develop organizational touchpoints 3. Develop data-centric culture controls 21

22 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Data in the Cloud Goals 1. Define, contract, implement, and monitor cloud based data management areas of programs. 2. Define implement/contract, monitor and report SLAs on internal and external data stores. Activities 1. Assess organizational readiness 2. Define cloud and outsourcing requirements for the organization 3. Define and execute contracting requirements 4. Select and execute cloud infrastructure vendor environment 5. Develop security rules and ETL/capture data change (CDC) code 6. Operationalize cloud data activities 7. Report on service monitoring 22

23 DMBOK2 Key Areas Data Governance 1. Data Governance Planning, supervision and control over data management and use. Data Handling Ethics Goals 1. Review Data-Handling Practices 2. Develop the Ethical Data Handling Strategy 3. Communicate and Educate Staff 4. Address Practices Gaps 5. Monitor and Maintain Alignment Activities 1. Review Data-Handling Practices 2. Develop the Ethical Data Handling Strategy 3. Communicate and Educate Staff 4. Address Practices Gaps 5. Monitor and Maintain Alignment 23

24 DMBOK2 Key Areas Data Governance 5. Data Security Definition, planning, development, and execution of security policies and procedures to provide proper authentication, authorization, access, and auditing of data and information assets. Goals 1. Enable appropriate, and prevent inappropriate, access to enterprise data assets. 2. Understand and comply with all relevant regulations and policies for privacy, protection, and confidentiality. 3. Ensure that the privacy and confidentiality needs of all stakeholders are enforced and audited. Activities 1. Identify Relevant Data Security Requirements 2. Define Data Security Policy 3. Define Data Security Standards 4. Assess Current Security Risks 5. Implement Data Security Controls and Procedures 24

25 DMBOK2 Key Areas Data Governance 10. Metadata Planning, Implementation, and control activities to enable access to high quality, integrated metadata Goals 1. Provide organizational understanding of business terms and usage 2. Collect and integrate metadata from diverse sources 3. Provide standard way to access the metadata 4. Ensure metadata quality and security Activities 1. Define the Metadata Strategy 2. Understand Metadata Requirements 3. Define Metadata Architecture 4. Create MetaModel 5. Apply Metadata Standards 6. Manage Metadata Stores 7. Create and Maintain Metadata 8. Integrate Metadata 9. Distribute and Deliver Metadata 10. Query, Report and Analyze Metadata 25

26 DMBOK2 Key Areas Data Governance 11. Data Quality The planning, implementation, and control activities that apply quality management techniques to data, in order to assure it is fit for consumption and business purpose(s). Goals 1. Develop a governed approach to measurably improve the quality of data according to defined business rules. 2. Define requirements and specifications for integrating data quality control into the system development lifecycle. 3. Define and implement processes for measuring, monitoring, and reporting conformance to acceptable levels of data quality. Activities 1. Create a Data Quality Culture 2. Perform Preliminary Data Quality Assessment 3. Define Data Quality Requirements 4. Assess Data Quality 5. Develop and Deploy Data Quality Operations 6. Measure and Monitor Data Quality 26

27 DMBOK2 Key Areas Data Governance Phase 1 Acquire data capabilities Data Security Data Storage & Operations Data Modeling and Design Data integration & interoperability Phase 2 Improve data quality Data Architecture Data Quality Metadata Phase 3 Setup data governance Data Governance Data Warehousing Documents & Contents Reference & Master Data Phase 4 Advanced analytic capabilities Data Mining Data Analytics Big Data DMBook 2.0: Purchase or Built database capability 27

28 Summary of GDPR and Information Governance 28 Alain Cieslik

29 Summary of GDPR and Information Governance Risk & Penalties Mitigation Risk based approach to data protection Principle driven Extra territoriality Fines as % of Global turnover Increased Penalties Core principles 1. lawfulness, fairness and transparency 2. purpose limitation 3. data minimisation 4. accuracy 5. storage limitation 6. integrity and confidentiality 7. accountability Data Management Mitigating factors 29

30 Summary of GDPR and Information Governance Respect privacy 30

31 Summary of GDPR and Information Governance Core principles 1. lawfulness, fairness and transparency 2. purpose limitation 3. data minimisation 4. accuracy 5. storage limitation 6. integrity and confidentiality 7. accountability Data Management Data protection officer Documentation Evidence of effectiveness Privacy by design Oversee & Govern Plan & Build Do & Manage Engage & Respond Respect privacy 31

32 Summary of GDPR and Information Governance Risk & Penalties Mitigation Risk based approach to data protection Principle driven Extra territoriality Fines as % of Global turnover Increased Penalties Core principles 1. lawfulness, fairness and transparency 2. purpose limitation 3. data minimisation 4. accuracy 5. storage limitation 6. integrity and confidentiality 7. accountability Explicit focus on Data Management Data protection officer Documentation Evidence of effectiveness Oversee & Govern Plan & Build Do & Manage Mitigating factors Privacy by design Engage & Respond Respect privacy 32

33 In conclusion Ø Data is a company asset that need to be managed Ø Do not underestimate the complexity of managing data Ø A lot of different type of format and media Ø A complex ecosystem Ø The challenge of managing the full data lifecycle Ø Data Management Frameworks can help you in this journey Ø Data Management requires an entreprise perspective Ø GDPR is a fantastic opportunity to improve the data management in your company 33

34 34

35 References o o o o o dc38047f3496&v=&b=&from_search=12 35

TDWI Data Governance Fundamentals: Managing Data as an Asset

TDWI Data Governance Fundamentals: Managing Data as an Asset TDWI Data Governance Fundamentals: Managing Data as an Asset Training Details Training Time : 1 Day Capacity : 10 Prerequisites : There are no prerequisites for this course. About Training About Training

More information

Security and Privacy Governance Program Guidelines

Security and Privacy Governance Program Guidelines Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by

More information

Data Governance Central to Data Management Success

Data Governance Central to Data Management Success Data Governance Central to Data Success International Anne Marie Smith, Ph.D. DAMA International DMBOK Editorial Review Board Primary Contributor EWSolutions, Inc Principal Consultant and Director of Education

More information

ISACA. Certification Details for Certified in the Governance of Enterprise IT (CGEIT )

ISACA. Certification Details for Certified in the Governance of Enterprise IT (CGEIT ) ISACA Pasitikėjimas informacinėmis sistemomis ir jų nauda Certification Details for Certified in the Governance of Enterprise IT (CGEIT ) Dainius Jakimavičius, CGEIT ISACA Lietuva tyrimų ir metodikos koordinatorius

More information

How ISO can assist with your GDPR compliance

How ISO can assist with your GDPR compliance How ISO 27001 can assist with your GDPR compliance GDPR Summit May 30 th 2018 Sharon O Reilly IT Governance Ltd www.itgovernance.eu Introduction: Speaker Background GRC/GDPR Consultant Ireland IT Governance

More information

General Data Protection Regulation (GDPR) The impact of doing business in Asia

General Data Protection Regulation (GDPR) The impact of doing business in Asia SESSION ID: GPS-R09 General Data Protection Regulation (GDPR) The impact of doing business in Asia Ilias Chantzos Senior Director EMEA & APJ Government Affairs Symantec Corporation @ichantzos Typical Customer

More information

DATA STEWARDSHIP BODY OF KNOWLEDGE (DSBOK)

DATA STEWARDSHIP BODY OF KNOWLEDGE (DSBOK) DATA STEWARDSHIP BODY OF KNOWLEDGE (DSBOK) Release 2.2 August 2013. This document was created in collaboration of the leading experts and educators in the field and members of the Certified Data Steward

More information

EUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE

EUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE EUROPEAN ICT PROFESSIONAL ROLE PROFILES VERSION 2 CWA 16458:2018 LOGFILE Overview all ICT Profile changes in title, summary, mission and from version 1 to version 2 Versions Version 1 Version 2 Role Profile

More information

The Data Governance Journey at Principal

The Data Governance Journey at Principal The Data Governance Journey at Principal DAMA Iowa Meeting 9/20/2016 Andrea Jackson, IT Business Analyst, Sr. Sarah Playle, AD Data Quality & Governance Data governance anyone? Agenda Background Business

More information

Accelerate GDPR compliance with the Microsoft Cloud

Accelerate GDPR compliance with the Microsoft Cloud Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Accelerate GDPR compliance with

More information

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security LTI Security Intelligent & integrated Approach to Cyber & Digital Security Overview As businesses are expanding globally into new territories, propelled and steered by digital disruption and technological

More information

Accountability Conceptual Framework

Accountability Conceptual Framework Accountability Conceptual Framework Massimo Felici, HP Trust in the Digital World and Cyber Security & Privacy EU Forum Brussels,18 th April 2013 Motivations for an accountability-based approach Drivers

More information

The Etihad Journey to a Secure Cloud

The Etihad Journey to a Secure Cloud SESSION ID: CCS-T07 The Etihad Journey to a Secure Cloud Georges de Moura Head of Group Information Security, Risk & Compliance Etihad Aviation Group History: Before The Cloud Devolved IT Decision-Making

More information

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard Certification Exam Outline Effective Date: April 2013 About CISSP-ISSMP The Information Systems Security Management Professional (ISSMP) is a CISSP who specializes in establishing, presenting, and governing

More information

Enabling Data Governance Leveraging Critical Data Elements

Enabling Data Governance Leveraging Critical Data Elements Adaptive Presentation at DAMA-NYC October 19 th, 2017 Enabling Data Governance Leveraging Critical Data Elements Jeff Goins, President, Jeff.goins@adaptive.com James Cerrato, Chief, Product Evangelist,

More information

EU General Data Protection Regulation (GDPR) Achieving compliance

EU General Data Protection Regulation (GDPR) Achieving compliance EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,

More information

Manchester Metropolitan University Information Security Strategy

Manchester Metropolitan University Information Security Strategy Manchester Metropolitan University Information Security Strategy 2017-2019 Document Information Document owner Tom Stoddart, Information Security Manager Version: 1.0 Release Date: 01/02/2017 Change History

More information

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18 Pierce County Classification Description IT SECURITY OFFICER Department: Information Technology Job Class #: 634900 Pay Range: Professional 18 FLSA: Exempt Represented: No Classification descriptions are

More information

Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13

Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13 Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13 I. Vision A highly reliable and secure bulk power system in the Electric Reliability Council of Texas

More information

Securing Your Digital Transformation

Securing Your Digital Transformation Securing Your Digital Transformation Security Consulting Managed Security Leveraging experienced, senior experts to help define and communicate risk and security program strategy using real-world data,

More information

locuz.com SOC Services

locuz.com SOC Services locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security

More information

General Data Protection Regulation (GDPR) and the Implications for IT Service Management

General Data Protection Regulation (GDPR) and the Implications for IT Service Management General Data Protection Regulation (GDPR) and the Implications for IT Service Management August 2018 WHITE PAPER GDPR: What is it? The EU General Data Protection Regulation (GDPR) replaces the Data Protection

More information

Position Title: IT Security Specialist

Position Title: IT Security Specialist Position Title: IT Security Specialist SASRIA SOC LIMITED Sasria, a state-owned company, is the only short-term insurer in South Africa that provides affordable voluntary cover against special risks such

More information

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating

More information

CISM - Certified Information Security Manager. Course Outline. CISM - Certified Information Security Manager.

CISM - Certified Information Security Manager. Course Outline. CISM - Certified Information Security Manager. Course Outline CISM - Certified Information Security Manager 20 Nov 2017 Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number of Questions 4. Expert Instructor-Led

More information

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK KEY BENEFITS AT A GLANCE Ensure your journey to the cloud is secure and convenient, without compromising either. Drive business agility

More information

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

Charting the Course... Certified Information Systems Auditor (CISA) Course Summary Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business

More information

April 17, Ronald Layne Manager, Data Quality and Data Governance

April 17, Ronald Layne Manager, Data Quality and Data Governance Ensuring the highest quality data is delivered throughout the university providing valuable information serving individual and organizational need April 17, 2015 Ronald Layne Manager, Data Quality and

More information

MNsure Privacy Program Strategic Plan FY

MNsure Privacy Program Strategic Plan FY MNsure Privacy Program Strategic Plan FY 2018-2019 July 2018 Table of Contents Introduction... 3 Privacy Program Mission... 4 Strategic Goals of the Privacy Office... 4 Short-Term Goals... 4 Long-Term

More information

Data Governance: Are Governance Models Keeping Up?

Data Governance: Are Governance Models Keeping Up? Data Governance: Are Governance Models Keeping Up? Jim Crompton and Paul Haines Noah Consulting Calgary Data Management Symposium Oct 2016 Copyright 2012 Noah Consulting LLC. All Rights Reserved. Page

More information

Managing SaaS risks for cloud customers

Managing SaaS risks for cloud customers Managing SaaS risks for cloud customers Information Security Summit 2016 September 13, 2016 Ronald Tse Founder & CEO, Ribose For every IaaS/PaaS, there are 100s of SaaS PROBLEM SaaS spending is almost

More information

Aligning IT, Security and Risk Management Programs. Ahmed Qurram Baig, CISSP, CBCP, CRISC, CISM Information Security & GRC Expert

Aligning IT, Security and Risk Management Programs. Ahmed Qurram Baig, CISSP, CBCP, CRISC, CISM Information Security & GRC Expert Aligning IT, Security and Risk Management Programs Ahmed Qurram Baig, CISSP, CBCP, CRISC, CISM Information Security & GRC Expert Challenges to Risk Management & Governance Balancing extensive requirements

More information

Data Management and Security in the GDPR Era

Data Management and Security in the GDPR Era Data Management and Security in the GDPR Era Franck Hourdin; Vice President, EMEA Security Russ Lowenthal; Director, Database Security Product Management Mike Turner; Chief Operating Officer, Capgemini

More information

GDPR compliance: some basics & practical to do list

GDPR compliance: some basics & practical to do list GDPR compliance: some basics & practical to do list Philippe LAURENT independent full service business law firm located in Brussels May 2017 Personal data processing = any operation or set of operations

More information

Data Governance: Data Usage Labeling and Enforcement in Adobe Cloud Platform

Data Governance: Data Usage Labeling and Enforcement in Adobe Cloud Platform Data Governance: Data Usage Labeling and Enforcement in Adobe Cloud Platform Contents What is data governance? Why data governance? Data governance roles. The Adobe Cloud Platform advantage. A framework

More information

A Global Look at IT Audit Best Practices

A Global Look at IT Audit Best Practices A Global Look at IT Audit Best Practices 2015 IT Audit Benchmarking Survey March 2015 Speakers Kevin McCreary is a Senior Manager in Protiviti s IT Risk practice. He has extensive IT audit and regulatory

More information

Data Stewardship Core by Maria C Villar and Dave Wells

Data Stewardship Core by Maria C Villar and Dave Wells Data Stewardship Core by Maria C Villar and Dave Wells All rights reserved. Reproduction in whole or part prohibited except by written permission. Product and company names mentioned herein may be trademarks

More information

GDPR: A QUICK OVERVIEW

GDPR: A QUICK OVERVIEW GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance

More information

Our agenda. The basics

Our agenda. The basics GDPR - AVG - RGPD. Our agenda The basics Key actions Responsibilities The basics Key actions Responsibilities Who cares? Why? From directive to regulation 24 Oct 1995: a Directive 95/46/EC is adopted partially

More information

Recommendations on How to Tackle the D in GDPR. White Paper

Recommendations on How to Tackle the D in GDPR. White Paper Recommendations on How to Tackle the D in GDPR White Paper ABOUT INFORMATICA Digital transformation changes expectations: better service, faster delivery, with less cost. Businesses must transform to stay

More information

CISM Certified Information Security Manager

CISM Certified Information Security Manager CISM Certified Information Security Manager Firebrand Custom Designed Courseware Logistics Start Time Breaks End Time Fire escapes Instructor Introductions Introduction to Information Security Management

More information

Jelena Roljevic Assistant Vice President, Business Intelligence Ronald Layne Data Governance and Data Quality Manager

Jelena Roljevic Assistant Vice President, Business Intelligence Ronald Layne Data Governance and Data Quality Manager Jelena Roljevic Assistant Vice President, Business Intelligence roljevic@gwu.edu Ronald Layne Data Governance and Data Quality Manager rlayne@gwu.edu July 13, 2016 Key Takeaways 1. How to ensure strong

More information

Data Governance Quick Start

Data Governance Quick Start Service Offering Data Governance Quick Start Congratulations! You ve been named the Data Governance Leader Now What? Benefits Accelerate the initiation of your Data Governance program with an industry

More information

Data Governance Industrial Internet & Big Data

Data Governance Industrial Internet & Big Data Data Governance Kari Hiekkanen 29.3.2018 CS-E5340 Introduction to Industrial Internet Industrial Internet & Big Data (IDC Data Age 2025, April 2017) 1 Industrial Internet & Big Data (Statista, 2017) Data

More information

GDPR: A technical perspective from Arkivum

GDPR: A technical perspective from Arkivum GDPR: A technical perspective from Arkivum Under the GDPR, you have a general obligation to implement technical and organisational measures to show that you have considered and integrated data protection

More information

Accelerate Your Enterprise Private Cloud Initiative

Accelerate Your Enterprise Private Cloud Initiative Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service

More information

Vendor: The Open Group. Exam Code: OG Exam Name: TOGAF 9 Part 1. Version: Demo

Vendor: The Open Group. Exam Code: OG Exam Name: TOGAF 9 Part 1. Version: Demo Vendor: The Open Group Exam Code: OG0-091 Exam Name: TOGAF 9 Part 1 Version: Demo QUESTION 1 According to TOGAF, Which of the following are the architecture domains that are commonly accepted subsets of

More information

CCISO Blueprint v1. EC-Council

CCISO Blueprint v1. EC-Council CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance

More information

2 The IBM Data Governance Unified Process

2 The IBM Data Governance Unified Process 2 The IBM Data Governance Unified Process The benefits of a commitment to a comprehensive enterprise Data Governance initiative are many and varied, and so are the challenges to achieving strong Data Governance.

More information

Google Cloud & the General Data Protection Regulation (GDPR)

Google Cloud & the General Data Protection Regulation (GDPR) Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to

More information

INTELLIGENCE DRIVEN GRC FOR SECURITY

INTELLIGENCE DRIVEN GRC FOR SECURITY INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to

More information

Data Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016

Data Protection. Practical Strategies for Getting it Right. Jamie Ross Data Security Day June 8, 2016 Data Protection Practical Strategies for Getting it Right Jamie Ross Data Security Day June 8, 2016 Agenda 1) Data protection key drivers and the need for an integrated approach 2) Common challenges data

More information

Best Practices in Enterprise Data Governance

Best Practices in Enterprise Data Governance Best Practices in Enterprise Data Governance Scott Gidley and Nancy Rausch, SAS WHITE PAPER SAS White Paper Table of Contents Introduction.... 1 Data Governance Use Case and Challenges.... 1 Collaboration

More information

Cloud Customer Architecture for Securing Workloads on Cloud Services

Cloud Customer Architecture for Securing Workloads on Cloud Services Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,

More information

The Value of Force.com as a GRC Platform

The Value of Force.com as a GRC Platform The Value of Force.com as a GRC Platform Andy Evans - Xactium Limited March 2009 Executive Summary The importance of governance, risk and compliance (GRC) activities to organizations has become increasingly

More information

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow Managing Privacy Risk & Compliance in Financial Services Brett Hamilton Advisory Solutions Consultant ServiceNow 1 Speaker Introduction INSERT PHOTO Name: Brett Hamilton Title: Advisory Solutions Consultant

More information

EU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?

EU GDPR and  . The complete text of the EU GDPR can be found at  What is GDPR? EU GDPR and Email The EU General Data Protection Regulation (GDPR) is the new legal framework governing the use of the personal data of European Union (EU) citizens across all EU markets. It replaces existing

More information

Isaca EXAM - CISM. Certified Information Security Manager. Buy Full Product.

Isaca EXAM - CISM. Certified Information Security Manager. Buy Full Product. Isaca EXAM - CISM Certified Information Security Manager Buy Full Product http://www.examskey.com/cism.html Examskey Isaca CISM exam demo product is here for you to test the quality of the product. This

More information

Implementing a Successful Data Governance Program

Implementing a Successful Data Governance Program Implementing a Successful Data Governance Program Mary Anne Hopper Data Management Consulting Manager SAS #AnalyticsX Data Stewardship #analyticsx SAS Data Management Framework BUSINESS DRIVERS DATA GOVERNANCE

More information

A company built on security

A company built on security Security How we handle security at Flywheel Flywheel was founded in 2012 on a mission to create an exceptional platform to help creatives do their best work. As the leading WordPress hosting provider for

More information

Helping Address GDPR Compliance Using Oracle Security Solutions ORACLE WHITE PAPER SEPTEMBER 2017

Helping Address GDPR Compliance Using Oracle Security Solutions ORACLE WHITE PAPER SEPTEMBER 2017 Helping Address GDPR Compliance Using Oracle Security Solutions ORACLE WHITE PAPER SEPTEMBER 2017 Disclaimer The purpose of this document is to help organizations understand how Oracle security solutions

More information

Network Visibility and Segmentation

Network Visibility and Segmentation Network Visibility and Segmentation 2019 Cisco and/ or its affiliates. All rights reserved. Contents Network Segmentation A Services Approach 3 The Process of Segmentation 3 Segmentation Solution Components

More information

STEP Data Governance: At a Glance

STEP Data Governance: At a Glance STEP Data Governance: At a Glance Master data is the heart of business optimization and refers to organizational data, such as product, asset, location, supplier and customer information. Companies today

More information

Exam4Tests. Latest exam questions & answers help you to pass IT exam test easily

Exam4Tests.   Latest exam questions & answers help you to pass IT exam test easily Exam4Tests http://www.exam4tests.com Latest exam questions & answers help you to pass IT exam test easily Exam : CISM Title : Certified Information Security Manager Vendor : ISACA Version : DEMO 1 / 10

More information

MOBIUS + ARKIVY the enterprise solution for MIFID2 record keeping

MOBIUS + ARKIVY the enterprise solution for MIFID2 record keeping + Solution at a Glance IS A ROBUST AND SCALABLE ENTERPRISE CONTENT ARCHIVING AND MANAGEMENT SYSTEM. PAIRED WITH THE DIGITAL CONTENT GATEWAY, YOU GET A UNIFIED CONTENT ARCHIVING AND INFORMATION GOVERNANCE

More information

Course Information

Course Information Course Information 2018-2020 Master of Information Systems: Management and Innovation Institutt for teknologi / Department of Technology Index Index... i 1... 1 1.1 Content... 1 1.2 Name... 1 1.3 Programme

More information

Solving the Enterprise Data Dilemma

Solving the Enterprise Data Dilemma Solving the Enterprise Data Dilemma Harmonizing Data Management and Data Governance to Accelerate Actionable Insights Learn More at erwin.com Is Our Company Realizing Value from Our Data? If your business

More information

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015 Cloud Computing Standard Effective Date: July 28, 2015 1.1 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually

More information

GDPR compliance. GDPR preparedness with OpenText InfoArchive. White paper

GDPR compliance. GDPR preparedness with OpenText InfoArchive. White paper White paper GDPR preparedness with OpenText InfoArchive The new EU privacy law, GDPR, will be in effect in less than a year. OpenText has the solutions to help you prepare and comply to this new law. Contents

More information

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES Introductions Agenda Overall data risk and benefit landscape / shifting risk and opportunity landscape and market expectations Looking at data

More information

Getting ready for GDPR

Getting ready for GDPR Getting ready for GDPR Cybersecurity for Data Protection Brought to you by: What is GDPR? The (GDPR) is the European Union s response to the increasing privacy demands of the European society. The primary

More information

Building a Data Strategy for a Digital World

Building a Data Strategy for a Digital World Building a Data Strategy for a Digital World Jason Hunter, CTO, APAC Data Challenge: Pushing the Limits of What's Possible The Art of the Possible Multiple Government Agencies Data Hub 100 s of Service

More information

Developing your GDPR response for competitive advantage. EU General Data Protection Regulation (GDPR)

Developing your GDPR response for competitive advantage. EU General Data Protection Regulation (GDPR) Developing your GDPR response for competitive advantage EU General Data Protection Regulation (GDPR) Introduction In May 2018, the EU s new GDPR ushers in unprecedented levels of data protection for EU

More information

Practical Guide to Hybrid Cloud Computing. Cloud-Computing.

Practical Guide to Hybrid Cloud Computing.  Cloud-Computing. Practical Guide to Hybrid Cloud Computing http://www.cloud-council.org/deliverables/cscc-practical-guide-to-hybrid- Cloud-Computing.pdf April 21, 2016 The Cloud Standards Customer Council THE Customer

More information

IT MANAGER PERMANENT SALARY SCALE: P07 (R ) Ref:AgriS042/2019 Information Technology Manager. Reporting to. Information Technology (IT)

IT MANAGER PERMANENT SALARY SCALE: P07 (R ) Ref:AgriS042/2019 Information Technology Manager. Reporting to. Information Technology (IT) DESIGNATION Reporting to Division Office Location IT MANAGER PERMANENT SALARY SCALE: P07 (R806 593.00) Ref:AgriS042/2019 Information Technology Manager CEO Information Technology (IT) Head office JOB PURPOSE

More information

Securing Your Cloud Introduction Presentation

Securing Your Cloud Introduction Presentation Securing Your Cloud Introduction Presentation Slides originally created by IBM Partial deck derived by Continental Resources, Inc. (ConRes) Security Division Revision March 17, 2017 1 IBM Security Today

More information

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain Merritt Maxim Principal Analyst Forrester Martijn Loderus Director & Global Practice Partner for Advisory Consulting Janrain Merritt and Martijn will share insights on Digital Transformation & Drivers

More information

DRI: Preservation Planning Case Study Getting Started in Digital Preservation Digital Preservation Coalition November 2013 Dublin, Ireland

DRI: Preservation Planning Case Study Getting Started in Digital Preservation Digital Preservation Coalition November 2013 Dublin, Ireland DRI: Preservation Planning Case Study Getting Started in Digital Preservation Digital Preservation Coalition November 2013 Dublin, Ireland Dr Aileen O Carroll Policy Manager Digital Repository of Ireland

More information

The Data Catalog The Key to Managing Data, Big and Small. April Reeve May

The Data Catalog The Key to Managing Data, Big and Small. April Reeve May The Data Catalog The Key to Managing Data, Big and Small April Reeve May 18 2017 April Reeve Thirty years doing data oriented stuff Data Management disciplines Data Integration, Data Governance, Data Modeling,

More information

HCL GRC IT AUDIT & ASSURANCE SERVICES

HCL GRC IT AUDIT & ASSURANCE SERVICES HCL GRC IT AUDIT & ASSURANCE SERVICES Overview The immense progress made in information and communications technology offers enterprises outstanding benefits. However this also results in making the risk

More information

Addressing GDPR Compliance Using Oracle Data Integration and Data Governance Solutions O R A C L E W H I T E P A P E R D E C E M B E R

Addressing GDPR Compliance Using Oracle Data Integration and Data Governance Solutions O R A C L E W H I T E P A P E R D E C E M B E R Addressing GDPR Compliance Using Oracle Data Integration and Data Governance Solutions O R A C L E W H I T E P A P E R D E C E M B E R 2 0 1 7 Disclaimer The purpose of this document is to help organizations

More information

WHITE PAPER. Meeting GDPR Challenges with Delphix. KuppingerCole Report

WHITE PAPER. Meeting GDPR Challenges with Delphix. KuppingerCole Report KuppingerCole Report WHITE PAPER by Mike Small December 2017 GDPR introduces stringent controls over the processing of PII relating to people resident in the EU with high penalties for non-compliance.

More information

CLOUD GOVERNANCE SPECIALIST Certification

CLOUD GOVERNANCE SPECIALIST Certification CLOUD GOVERNANCE SPECIALIST Certification The Cloud Professional (CCP) program from Arcitura is dedicated to excellence in the fields of cloud computing technology, mechanisms, platforms, architecture,

More information

CISM - Certified Information Security Manager. Course Outline. CISM - Certified Information Security Manager. 22 Mar

CISM - Certified Information Security Manager. Course Outline. CISM - Certified Information Security Manager. 22 Mar Course Outline CISM - Certified Information Security Manager 22 Mar 2019 Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number of Questions 4. Expert Instructor-Led

More information

Turning Risk into Advantage

Turning Risk into Advantage Turning Risk into Advantage How Enterprise Wide Risk Management is helping customers succeed in turbulent times and increase their competitiveness Glenn Tjon Partner KPMG Advisory Presentation Overview

More information

10 Considerations for a Cloud Procurement. March 2017

10 Considerations for a Cloud Procurement. March 2017 10 Considerations for a Cloud Procurement March 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents

More information

Stony Brook University Data Strategy. Presented to the Data Governance Council June 8, 2017

Stony Brook University Data Strategy. Presented to the Data Governance Council June 8, 2017 Stony Brook University Data Strategy Presented to the Data Governance Council June 8, 2017 What is a data strategy? Intentional action & prioritization plan to: Harness and integrate data Create and disseminate

More information

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions Getting ready for GDPR Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions GDPR Background Single EU-wide Regulation Harmonizes Global User Data Protection across

More information

Risk Advisory Academy Training Brochure

Risk Advisory Academy Training Brochure Academy Brochure 2 Academy Brochure Cyber Security Our Cyber Security trainings are focused on building your internal capacity to leverage IT related technologies more confidently and manage risk and uncertainty

More information

Data Governance Toolkit

Data Governance Toolkit Data Governance Toolkit George Reynolds, MD, MMM, FAAP, CPHIMS, CHCIO President, HIMSS Nebraska Chapter Interim Vice President, Education. CHIME Principal, Reynolds Healthcare Advisers Agenda The Value

More information

The Role of IT in HIPAA Security & Compliance

The Role of IT in HIPAA Security & Compliance The Role of IT in HIPAA Security & Compliance Mario Cruz OFMQ Chief Information Officer For audio, you must use your phone: Step 1: Call (866) 906-0123. Step 2: Enter code 2071585#. Mario Cruz Mario Cruz

More information

Practical Guide to Cloud Computing Version 2. Read whitepaper at

Practical Guide to Cloud Computing Version 2. Read whitepaper at Practical Guide to Cloud Computing Version 2 Read whitepaper at www.cloud-council.org/resource-hub Sept, 2015 The Cloud Standards Customer Council THE Customer s Voice for Cloud Standards! 2011/2012 Deliverables

More information

CERT Symposium: Cyber Security Incident Management for Health Information Exchanges

CERT Symposium: Cyber Security Incident Management for Health Information Exchanges Pennsylvania ehealth Partnership Authority Pennsylvania s Journey for Health Information Exchange CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013 Pittsburgh,

More information

Canada Life Cyber Security Statement 2018

Canada Life Cyber Security Statement 2018 Canada Life Cyber Security Statement 2018 Governance Canada Life has implemented an Information Security framework which supports standards designed to establish a system of internal controls and accountability

More information

Certified Information Security Manager (CISM) Course Overview

Certified Information Security Manager (CISM) Course Overview Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,

More information

STRATEGIC PLAN

STRATEGIC PLAN STRATEGIC PLAN 2013-2018 In an era of growing demand for IT services, it is imperative that strong guiding principles are followed that will allow for the fulfillment of the Division of Information Technology

More information

University of Texas Arlington Data Governance Program Charter

University of Texas Arlington Data Governance Program Charter University of Texas Arlington Data Governance Program Charter Document Version: 1.0 Version/Published Date: 11/2016 Table of Contents 1 INTRODUCTION... 3 1.1 PURPOSE OF THIS DOCUMENT... 3 1.2 SCOPE...

More information

Unified Governance for Amazon S3 Data Lakes

Unified Governance for Amazon S3 Data Lakes WHITEPAPER Unified Governance for Amazon S3 Data Lakes Core Capabilities and Best Practices for Effective Governance Introduction Data governance ensures data quality exists throughout the complete lifecycle

More information

ROLE DESCRIPTION IT SPECIALIST

ROLE DESCRIPTION IT SPECIALIST ROLE DESCRIPTION IT SPECIALIST JOB IDENTIFICATION Job Title: Job Grade: Department: Location Reporting Line (This structure reports to?) Full-time/Part-time/Contract: IT Specialist D1 Finance INSETA Head

More information

Modern Database Architectures Demand Modern Data Security Measures

Modern Database Architectures Demand Modern Data Security Measures Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing

More information