• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
It Service Offeringsrbv1.5
 

It Service Offeringsrbv1.5

on

  • 707 views

SOAProjects, Service Offering

SOAProjects, Service Offering
Technology and Risk Management Services

Statistics

Views

Total Views
707
Views on SlideShare
674
Embed Views
33

Actions

Likes
1
Downloads
0
Comments
1

2 Embeds 33

http://www.linkedin.com 24
https://www.linkedin.com 9

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

11 of 1 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

It Service Offeringsrbv1.5 It Service Offeringsrbv1.5 Presentation Transcript

  • Global Partnering & Team Solutions Connect to Client Excellence
  • Service Expectations Align the Team Client SOAProjects Structured Relationship Knowledge and Insights Customized Solutions Business Imperatives Issues Needs Risk Relationship
  • Providing Technology and Engineering Risk management services, we help clients seize opportunities for growth and profitability while protecting them from risk. Mobilizing our resources effectively and through our network of offices in US, Europe and Asia, SOAProjects manages projects in global multi-billion dollar technology companies.
  •  
  • IT Strategic Planning Business Process Management Reliability Confidentiality Availability Integrity Effectiveness Efficiency Application Solutions Security Program Management Business Continuity – Disaster Recovery Governance, Risk Management and Compliance People Technology Process IT Controls Optimization IT Service Management User Provisioning Change Management Segregation of Duties Certification Readiness IT Controls Self-Assessment
    • The Technology Risk and Management Services (TRMS) technology experts help you assess and establish appropriate safeguards for your information systems.
    IT SERVICE OFFERINGS
    • It is crucial to identify and understand your risks and to create a plan of action.
    • Our model identifies the risks and factors affecting your Company’s IT environment and considers your overall business requirements:
      • Effectiveness
      • Efficiency
      • Confidentiality
      • Integrity
      • Availability
      • Compliance
      • Reliability
  •  
  • Governance Risk & Compliance (GRC) Business Process Management & SOX IT Optimization IT Service Management ITSM ITILv3 Application Solutions (SAP, Oracle, Package Selection) Certification Readiness Information Security Management ISM
  • Business Process Management & SOX IT Optimization IT Service Management ITSM ITILv3 Application Solutions (SAP, Oracle, Package Selection) Certification Readiness Information Security Management ISM Management Advisory Strategic Planning & Risk Management
  • Governance Risk & Compliance (GRC) Application Solutions (SAP, Oracle, Package Selection) Certification Readiness Information Security Management ISM Management Advisory Strategic Planning & Risk Management
  • Governance Risk & Compliance (GRC) Business Process Management & SOX IT Optimization Application Solutions (SAP, Oracle, Package Selection) Certification Readiness Information Security Management ISM Management Advisory Strategic Planning & Risk Management
  • Governance Risk & Compliance (GRC) Business Process Management & SOX IT Optimization IT Service Management ITSM ITILv3 Certification Readiness Information Security Management ISM Management Advisory Strategic Planning & Risk Management
  • Governance Risk & Compliance (GRC) Business Process Management & SOX IT Optimization IT Service Management ITSM ITILv3 Application Solutions (SAP, Oracle, Package Selection) Information Security Management ISM Management Advisory Strategic Planning & Risk Management
  • Governance Risk & Compliance (GRC) Business Process Management & SOX IT Optimization IT Service Management ITSM ITILv3 Application Solutions (SAP, Oracle, Package Selection) Certification Readiness Management Advisory Strategic Planning & Risk Management
  •  
    • Governance Risk and Compliance are not just buzz words. Our real world experience, thought leadership, methods and tools add to your absolute solution for a mature and ongoing program of GRC.
    • Every client has unique goals and capabilities. Typical engagements include:
      • Policy Baseline
      • Configuration Management Database and Service Oriented Architecture –CMDB SOA
      • Control Self Assessment- CSA
      • Enterprise Risk Management - ERM
    GRC Platforms Oracle, SAP, ERP, EMS
  • RunBooks Identify Expected and KEY Services + Systems = Establishing a Technology Baseline Supporting Critical Automated Business Controls Policy Mapping is the Foundation of Actionable, Auditable Control Assessment Reviews CMDB – Configuration Management Alignment To Security Policy and Service Standards (such as the selected control frameworks) RiskWatch* iterates the gap between Policy, Standards and Business Realities Each stage leverages different, but existing audit information *RiskWatch is a project management process explained by Robert Merch in his text book “Project Management, Best Practices for IT Professionals” SOAProjects owns and implements tools to facilitate adopting this approach.
      • Organizations face challenges that drive the need for IT governance:
        • Keeping IT running
        • Delivering value to customers
        • Managing IT costs
        • Master complexity
        • Align IT with business
        • Ensure regulatory compliance
        • Manage security
      • © ISACA CobiT Foundation™
  •  
  •  
    • Reduces operational expense through streamlined control structures
    • Identifies cross-enterprise risks
    • Aligns risk appetite and corporate strategy
    • Enhances efficient risk response and rapid consistent decisions
    • Seizes opportunities to prevent loss, rather than repair loss
    • Improves the deployment of capital
    • Enterprise risk management is:
    • A process, ongoing and flowing
    • Effected by people at every level
    • Applied with a strategy in a specific setting
    • Applied across the enterprise
      • at every level and unit, and
      • includes taking an entity-level portfolio view of risk
    • Designed to identify potential events that, if they occur, will affect the entity and to manage risk within its risk appetite
    • Able to provide reasonable assurance to an entity’s management and board of directors
    • Geared to achievement of objectives in one or more separate but overlapping categories
    Enterprise Risk Management — Integrated Framework Executive Summary Copyright © September 2004 by the Committee of Sponsoring Organizations of the Treadway Commission.
  • Enterprise Risk Management helps business leadership achieve the organization’s performance and profitability targets.
  • Quarterly Business Review Compliance Hot-Line IT RiskWatch Assign Risk Manager Board Reports Vulnerability Threat & Vulnerability Analysis Input risk details and status log Residual Risk Program RiskWatch Corporate RiskWatch Risk Meeting IT Steering Committee
    • Automation of Audit Function
    • Changes in the risk landscape are rapid, dynamic and cannot be managed by manual process.
    • Corporate audit function costs continue to rise due to increasing threats and events.
    • Greater efficiency and cost effectiveness are achieved by:
        • Automating audit processes
        • Better monitoring tools and techniques
        • Training key compliance team members
    • Our Approach
    • SOAProjects uses a risk based approach.
    • We assess your finance and IT environment, identifying greatest opportunities for automation.
    • We provide Data Mining and Data Analytical tools and techniques that are leveraged by
    • Training the internal audit and key contributing members of the client organization.
    • Culture of change management
    • Culture of causality
    • Culture of compliance and desire to continually reduce variance
  • Change Management’s Relationship to Governance
  • IT SERVICE OFFERINGS
  • IT SERVICE OFFERINGS
    • Build and Maintain a Secure Network
    • Protect Cardholder Data
    • Implement Strong Access Control Measures
    • Regularly Monitor and Test Networks
    • Maintain a Vulnerability Management Program
    • Maintain an Information Security Policy
    • “ ISO/IEC 27001:2005 implements effective information security management in compliance with organizational objectives and business requirements. Risk-based specification designed to take care of information security aspects of corporate governance, protection of information assets, legal and contractual obligations as well as the wide range of threats to an organization’s information and communications technology (ICT) systems and business processes.” ( re-number ISO/IEC 17799 as ISO/IEC 27002 )
    • Initiate
    • Understand Define Information Security Policy
    • Initial Information gathering
    • Define
    • ISMS
      • Security Manuals
      • Procedures
      • Guidelines Templates
    • Assess
      • Risk Analysis Ranking
      • Risk Management
    • Develop
      • Controls Identification & Development
    • Readiness
      • Statement of applicability
      • Assistance in Implementation and Certification Process
    • ISO - Performance of the organization
      • Proper Corporate Governance of IT assists directors to ensure that IT use contributes positively to the performance of the organization, through:
        • Appropriate Implementation And Operation of IT Assets
        • Clarity of Responsibility And Accountability For Both The Use And Provision
        • of IT In Achieving The Goals of The Organization
        • Business Continuity And Sustainability
        • Alignment of IT With Business Needs
        • Efficient Allocation of Resources
        • Innovation In Services, Markets, And Business
        • Good Practice In Relationships With Stakeholders
        • Reduction In The Costs For An Organization
        • Actual Realization of The Approved Benefits From Each IT Investment
    • INTERNATIONAL STANDARD ISO/IEC 38500
  • Compliance Resources Services Risk Compliance frameworks are designed to make companies more successful by reducing operating cost and risk while optimizing service delivery. If a framework can’t achieve this, it is the wrong framework. define execute measure
  • Assistance In All The Following Areas Which Are The Building Blocks For SOX Compliance
    • Data warehousing Design and Development
    • Business Intelligence
    • Enterprise Application Integration (Middleware)
    • Application database porting
    • ERP applications – Implementation and support
    • Once production processes are stable and accepted, SOAProjects provides documentation and knowledge transfer
  •  
  •  
  • $ $ Value Drivers
  • Custom Scripts C, C++, SQL ETL Extract, Transform, Load Informatica See Commerce Oracle DW Builder Micro strategy Sales and Marketing Accounting & Finance Human Resource Systems Customer Relationship Management Oracle SQL Sybase Informix Other Data Sources Metadata Reference Tables Customer Service Oracle Target Data Warehouse
  • Breadth of Services (180+ Consultants + over 10 years experience) Depth of Experience (Rich Industry Experience with average of over 10 years) Partnerships & Alliances (Best of Breed, wide Spectrum of Products) Cost Effective Solutions (Our rates are typically 30-50% lower than most other auditing/consulting firms) Complete Solution Scalable & Robust Solution Versatile & Qualified Solutions Tangible Cost Benefits
  • About Robin Basham, M.Ed, M.IT, CISA, ITSM, CGEIT Director, Enterprise Governance Risk & Compliance Robin Basham is recognized across several major industries as an ICT Enterprise and GRC expert. With experience in Data Center Design and Implementation, Enterprise Solutions from data driven workflow systems to infrastructure and compliance, Ms. Basham is positioned to assist SOAProjects clients in Green Tech initiatives, aligning with every aspect of the IT Enterprise. Director Regulatory Consulting, International Standards Expert, Operations Officer, Master Educator Certifications & Accreditation ITIL, CobiT, Networking, Security Steering Committees - ISACA, OASIS, OMG, Degrees include two Bachelors from the University of Massachusetts, Amherst, a Master’s from Lesley College in Cambridge, and after 13 years working in Information Technology, a second Masters in Enterprise Technology from American InterContinental University. Projects include facilitating regulatory compliance within Siemens, Raytheon, CitiStreet, The Options Clearing Corporation, Financial Times Interactive Data, State Street, SanDisk, CA, AON, Pegasystems, Informa, Journal Communications, Sharp, MA/Com, and OmniVision Technologies Contact: [email_address] About Alan Chipman Director, Information Technology Practice Alan graduated from Brigham Young University with a Masters of Accountancy with an emphasis in Information Systems auditing in 1989.  A founding member of the Systems and Process Assurance group (SPA) IT audit and controls consulting practice in the PwC San Jose office, Alan is recognized for growing that team from zero to over 90 people during his ten years there. Leading Bay Area client through all of their information and regulatory requirements, his 19 years have included businesses Hewlett-Packard, Nike, Agilent Technologies, Borland, State Compensation Insurance Fund, Logitech, LSI Logic, Varian Medical, Varian Inc.,  and Chevron. Alan’s first degree was a Bachelor of Science in Accounting and Minor in Music Theory. His expertise crosses Industries:  Computers and Networking, Software and Internet, Bio Tech, Utilities, Oil & Gas, Insurance, Semiconductor Contact: [email_address]
    • SOAProjects established in 2004, began as a team of Big Four alumni possessing CPA, CISA, CISSP, CISM and CFE background. In the half decade since, this model has attracted talent from leading Compliance and Information Service firms worldwide.
    • Specializing in supplying resources for projects where little or no specifications were available, SOAProjects rapidly distinguished itself as Service Oriented, assuring Success Over All Projects.
    • Our flexible approach operates on a basic principle: What you need is what you get. We deliver cost effective services specifically tailored to meet your unique environment and objectives.
    • Entirely comprised of experienced, dedicated risk and controls professional, SOAProjects provides a complete Information Security Assessment, Sarbanes Oxley Compliance Solution, ERM Application and Enterprise Governance Risk and Compliance Services.
    • SOAProjects consultants are selected from among Senior Managers, Directors and Partners working within the Big Four, as well as our industry’s most reputable firms in Information Audit and Enterprise Compliance.
    IT SERVICE OFFERINGS
  • Your Needs Our People Winning Solution CONTACT: Alan Chipman | Robin Basham 495 N. Whisman Road, Suite 500 | Mountain View, CA 94043 Tel: 650 960 9900 |Fax: 650 960 2400 WWW. SOAProjects.com