ciso-platform-annual-summit-2013-Key pillars of an effective risk management program

Presented by K S Narayanan at CISO Platform Annual Summit, 2013. Narayanan is the Head Information Risk Management at ING Vysya Bank responsible for strategy, policy, risk management and information security program management implementation for ING Vysya Bank.

    Presentation Transcript

    • Key pillars of an effective Risk Management Program
        • Prepared by: K.S.Narayanan, Head – Information Risk Management, ING Vysya Bank
        • Date: 15th Nov 2013
    • Information Security & Risk
        • Information Security is
            • More focused on technology
            • Compliance driven
            • Identify threats
            • Defines controls
            • Monitor controls
        • Information Risk Management defines
            • The areas which should be secured
            • Business value & Business Impact
            • Compliance and strategy
            • Structured Approach
            • Provides information to decision makers
            • Does not make decisions for business
    • Current IT Security Scenario
    • “Volvo Bus Security Syndrome”
        • Is there a Governance Issue?
        • Are Risks & Controls not aligned?
        • Weak architecture and control design for fire safety?
        • Who assessed the risk appetite?
        • Is this an outcome of only technology driven and compliance focused assurance!
        • 14th Nov 13: 7 dead after Mumbai-Bangalore Volvo bus catches fire
        • 30th Oct 13: 45 charred to death in Volvo bus blaze near Hyderabad
        • Disclaimer: This analysis is not intended to question Volvo technical and safety controls. Only used here for the purpose of a case study for an effective risk management.
    • Effective Risk Management - Critical Factors
        • Suitable Governance Model
        • Common Risk Language & Risk footprints
        • Risk Assessments – Standard based + Scenario based
        • Risk Appetite for business/risk decision making
        • Reference Architecture based – Security controls implementation
        • Data centric approach
    • ERM Framework – IT Risk
        • Aligning risk appetite and strategy
        • Enhancing risk response decisions
        • Reducing operational surprises and losses
        • Identifying and managing multiple and cross-enterprise risks
        • Seizing opportunities
        • Improving deployment of capital
    • THANK YOU