Governance Risk & Compliance Trends 2009
 


Enterprise Risk Mngt trends, Regulations implications on IT, Best Practices for better Governance Risk & Compliance


    Governance Risk & Compliance Trends 2009 Presentation Transcript

    • IT Governance, Risk & Compliance 2009. Galit Fein, VP & Senior Analyst, Office of the CIO Strategies. All Rights Reserved @STKI, Moshav Bnei Zion, Israel, +972 9 790 7000, www.stki.info
    • Agenda: 1. IT Trends 2009; 2. Regulations implications on IT; 3. Best Practices; 4. Conclusion. Enterprise Risk Mngt
    • IT Trends 2009: Reduced IT spending. Higher standards dictated by new regulations. Maintenance mode: no new project/technology; extracting value from existing investments.
    • Taking Advantage of a Downturn: Financial crisis has increased the attention to the management of IT costs. Increased budget for regulation & security in 2009. Top Pressures Driving ERM: 46% New/changing regulations; 38% Better risk mngt; 31% Protect the organization; 24% Improve operational efficiencies. Source: Aberdeen Group 2008.
    • Current Situation: Compliance, Risk & What? Quick fix: one-time regulation projects. “SOX is the must have - it will not have strategic impact on the organization”. Fragmented approach to GRC is inefficient & becoming a huge cost driver. “Existing tools handle only documentation of SOX compliance procedures - they don’t check the level of enforcement!”
    • Enterprise Risk Management: The CEO must know the risks associated with IT investments, just as he is aware of risks associated with doubtful debt or other important finance risks. IT investment / project: ROI, Budget, Schedule, ? Risk factors.
    • Prepare to the Unpredictable: Satyam, Who Can? Madoff Admits Wipro, 50 Billion $ Fraud IBM, Oracle, Amdocs, Infosys, Cognizant, firing HP 9/11 Banking crisis: Wall Street crisis Lehman Brothers bankruptcy
    • Governance, Risk & Compliance! Need for ongoing effort to comply with regulation. Move compliance from a tactical reaction to strategic imperative. Firms can no longer afford to approach compliance as tactical project like meeting the SOX deadline.
    • Regulations bring improvements into IT: The role of CIO & ITOs will evolve under SOX. Resources & recognition of vulnerabilities in the IT area. SOX brings improvements into the following areas: information system security; segregation of duties; access controls & access monitoring; test procedures & program change mngt; processes to document policies & controls.
    • Enterprise Risk Management, Common Frameworks: Process: developing process to improve efficiency & IT service delivery (ITIL; Maturity models – CMMI, PMM). Quality control: build metrics to follow up performance & improvement (ISO 9001; Total Quality Mngt (TQM); Six Sigma). Governance: establishing oversight measures (COBIT).
    • Best Practices vs. Innovation: TACTICAL IT (Best Practices): Tactical functions simply keep the business up & running on a day-to-day basis: COBIT, CMMI, ISO, ITIL, Six Sigma… STRATEGIC IT (Innovation): Strategic functions drive the company’s dollar, stock value, & competitive advantage: Office of the CIO, Portfolio mngt…
    • What’s the Best Practice Framework? (ITIL, COBIT, CMMI, ISO, Six Sigma.) No single process/governance framework will effectively represent every organization. No single framework covers the complete territory. Leverage & aggregate best practices. The combination of process methodologies will provide a more complete view of IT’s operational/support processes.
    • Importance of: Unified Framework Responsibility. Frameworks are tied to each other. Different frameworks handled by various orgs roles: Accountants, CIO, CTO, QA managers, CISO, etc. Responsibility of all frameworks MUST be unified: This translates itself to greater efficiency & resource saving.
    • Risk & Compliance Mngt: CobiT: Control Objectives for Information & Related Technology. Reference framework for governing IT & compliant with SOX. ITIL: Information Technology Infrastructure Library. ISO: Framework for information security management.
    • Summary: Increased budget for regulation 2009. Need for ongoing effort to comply with regulation. Aggregate best practices. Responsibility of ERM MUST be unified.