0
MENA IT Governance, Risk & Compliance 2010




  IT GRC in the Middle East: Are we there yet?




                        ...
IT GRC in the Middle East: Are we there yet?



           Questions
             1. Where are we today in comparison with...
IT GRC in the Middle East: Are we there yet?



           What is IT GRC?
             Part of overall Corporate Governan...
IT GRC in the Middle East: Are we there yet?



           Where are we today?
             1.   Governance - Setting the ...
IT GRC in the Middle East: Are we there yet?



           How do we achieve?
             1. Strategize and Plan
        ...
IT GRC in the Middle East: Are we there yet?



           Initiatives
             1. Public Sector

             2. Priv...
IT GRC in the Middle East: Are we there yet?



           Key Issues & Challenges
             1. Focus

             2. ...
IT GRC in the Middle East: Are we there yet?




5/6/2010                     Confidential                 8
MENA IT Governance, Risk & Compliance 2010




5/6/2010                  Confidential             9
Upcoming SlideShare
Loading in...5
×

MENA IT Governance, Risk & Compliance 2010

899

Published on

My Inaugural presentation on 3rd May 2010

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
899
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "MENA IT Governance, Risk & Compliance 2010"

  1. 1. MENA IT Governance, Risk & Compliance 2010 IT GRC in the Middle East: Are we there yet? Sudhakar Siddegowda, CISA Chief Information Officer M.H. Group of Companies 5/6/2010 Confidential 1
  2. 2. IT GRC in the Middle East: Are we there yet? Questions 1. Where are we today in comparison with the rest of the world? 2. Regional initiatives in promoting IT Governance, Risk and Compliance 3. Innovation in IT Governance, Risk and Compliance: Key issues and challenges 5/6/2010 Confidential 2
  3. 3. IT GRC in the Middle East: Are we there yet? What is IT GRC? Part of overall Corporate Governance having set of integrated processes to ensure the effective and efficient use of IT in enabling an organization to achieve its goals and attain Full Value Life Cycle Management maturity Full Value Life Cycle Business-IT Alignment Management Value Improve Focus on Core Centralize & IT Activities Standardize GRC Risk Cost Share Operational Risks Reduce/Control Operating Cost 5/6/2010 Confidential 3
  4. 4. IT GRC in the Middle East: Are we there yet? Where are we today? 1. Governance - Setting the Agenda  Business IT Strategy (Demand - Doing the Right Things)  Policies and Principles  Authority and Accountabilities  Business Case and Investments  IT Steering (Supply - Doing Things Right) 2. Risk - Expecting the Unexpected (Risk Register)  Identify  Analyse  Respond – Management (Line, Senior & Executive)  Likelihood – Uncertain to Certain  Impact – Insignificant to Extreme 3. Compliance - Adhering to Frameworks  Business Model for Information Security  Control Objectives for Information and related Technology  IT Assurance Framework  Risk IT  Val IT  Information Technology Infrastructure Library  Payment Card Industry Data Security Standard 5/6/2010 Confidential 4
  5. 5. IT GRC in the Middle East: Are we there yet? How do we achieve? 1. Strategize and Plan  Establish  Develop  Scope 2. Architect Solution  Define  Recommend  Communicate 3. Build  Processes  Charge back  Risk monitoring and management 5/6/2010 Confidential 5
  6. 6. IT GRC in the Middle East: Are we there yet? Initiatives 1. Public Sector 2. Private Sector? 5/6/2010 Confidential 6
  7. 7. IT GRC in the Middle East: Are we there yet? Key Issues & Challenges 1. Focus 2. Commitment 3. Integrating Frameworks and Standards 4. Cost Effective 5. Practical 6. Viable 7. Sustainable 8. People 5/6/2010 Confidential 7
  8. 8. IT GRC in the Middle East: Are we there yet? 5/6/2010 Confidential 8
  9. 9. MENA IT Governance, Risk & Compliance 2010 5/6/2010 Confidential 9
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×