9. SecureAware® SecureAware®, an all-in-one platform for compliance, best practices and security awareness that incorporates an automated compliance workflow system built in accordance with ISO international standards. It currently supports ISO 2700x, PCI DSS, and CoBIT 4.1 frameworks out-of-the box 4
17. Aberdeen Group Report 7 Effective GRC Management Positioning Your Company for Growth December 2010 In-depth and comprehensive look into process, procedure, methodologies, and technologies with best practice identification and actionable recommendations. Download from http://www.lightwavesecurity.com/grc_report.html
18.
19. Review of capabilities and enabling technologies that help improve financial and operational control
22. Parent companies continue to be concerned about management standards across their constituent companies, operational risks, and the ability to comply in a dynamic regulatory environment9
23.
24. Organizations must closely track and manage their processes against regulations that vary widelyThe global economy necessitates expediting key processes and mitigating risks 10
32. Work effectively with government and regulatory bodies to ensure business compliance13
33.
34.
35. Address problems associated with financial and operational controlThis traditional approach relegates GRC to a Cost Center, not a business enabler 15
36.
37. Attracting new customers through liability-reductionBest-in-class companies view GRC solutions and services as key elements to their growth strategy 16
38.
39. GRC prevents executives from being able to understand the impact of risk on overall corporate performancein a timely manner17
40.
41. In these organizations, executives are able to understand the impact of risk on overall corporate performance18
42.
43. GRC is too generic and can’t generate enough data to identify the sources of issues in my complex organization
44. We need both Quantitative and Qualitative data and GRC can't supply both19
45.
46. Both qualitative and quantitative feedback can be collected from various departments, at various levels, to validate the success of the strategy
49. Management can’t get easily get mission-critical risk data that impacts corporate objectives21
50.
51. Best-in-Class companies leverage this centralized repository to maintain GRC information to provide visibility into to management directives, risk elements, and regulatory changes22
52.
53. Getting real-time data out of a GRC program is nearly impossible, so I can’t get actionable information23
54.
55. Best-in-Class companies are therefore better at measuring how well their staff is following management directives
56. Timely tracking of corporate governance effectiveness enables executives to ensure the alignment of staff execution to enterprise objectives24
57.
58. Our data is created by people, and they understand it best
61. Effective GRC provides an infrastructure that allows executives to concurrently access GRC data / information
62. GRC tears down silos of information, allowing decisions to be made in a quick and informed manner26
63. Myth #7 – GRC is just another “Me Too” project Everyone has tried it, and the benefits don’t exceed the costs The ROI for GRC just isn’t there 27
64. Myth #7 – Busted GRC Differentiates Implementing a GRC program will help to differentiate a company from its competitors GRC provides a quantifiable ROI due to increased agility and growth GRC = Governance, Risk and Compliance OR “Guard Assets, Revenue Enhancement, Cost Reduction” 28
74. Creating additional revenue opportunities by meeting compliance requirements for selling into new markets / regions30
75.
76. making sure that objectives, risk, regulatory information, and accountability information are made visible to stakeholders ahead of time to enable informed decisions31
104. Contact Information Thank you for attending our webinar! For a copy of this presentation please send an email to: Erik Rolf Vice President Enterprise GRC Lightwave Security erolf@lightwavesecurity.com 34