Chris Byrne, profile picture
Uploaded byChris Byrne
347 views

E-Mail Compliance Frameworks in the Real World

The document discusses why corporate governance and compliance are important. It notes that there are over 200 international regulatory and legal compliance requirements that must be met. Compliance is required in many areas like Sarbanes-Oxley, HIPAA, privacy laws, and more. Strong IT governance is needed to support corporate governance objectives and compliance requirements as technology is so embedded in business operations. IT should support business goals and requirements, not drive them. Various frameworks for compliance and governance are discussed like COBIT, which provides principles and guidelines.

Embed presentation

Why We Are Here What compliance and governance is and why you should care Distinguishing Myth from Reality Going Beyond “Just Good Enough” Approaches Introduction to Compliance Frameworks Balancing Competing Frameworks: Apples & Oranges? Implementing Compliance Frameworks E-Mail Management Issues to Be Addressed On-Line resources What do you need to take home?
Why Are We Here?
We don’t want to be…
We want to know how far it is to the hole…
Disclaimers
Compliance is Everywhere At last count, there are at least 200 international regulatory & legal drivers that must be complied with as tracked by IBM Business Consulting Services
Compliance is Everywhere Sarbanes-Oxley FTC SEC rule 17a-4 Patriot Act European Union Privacy Laws California Security Breach Notice Law FDA BASEL II FMFIA HIPAA Financial Services Modernization FISMAV) Act of 1999 (GLBA, Gramm-Leach-Bliley Act, Title
Compliance is Everywhere And it makes C-Level executives and and their employees want to just…
Compliance is Everywhere Corporate Governance is not an option… Resistance is not only futile…
Compliance is Everywhere …but can take you from this…
Compliance is Everywhere …to this
Terms and Definitions
Elements of Governance
Elements of Governance
Information technology is so embedded in the operations of an enterprise that strong IT Governance is needed to support corporate governance objectives and compliance requirements.
Business Goals, objectives and specific requirements drive IT, not the other way around
COBIT Copyright The Information Technology Governance Institute, All rights reserved. Used with permission
(IT Strategy and Policy) Requirements Direction Control Goals Responsibilities Objectives Business Governance Business Needs to Information (IT Achieve Its Objectives Control, Risk and Assurance) IT Governance COBIT Copyright The Information Technology Governance Institute, All rights reserved. Used with permission
IT Resources Information • Data • Effectiveness • Application Systems • Efficiency • Technology • Confidentiality • Facilities • Integrity • People • Availability • Compliance • Reliability Plan and Organise Monitor And Evaluate Acquire and Implement Deliver and Support COBIT Copyright The Information Technology Governance Institute, All rights reserved. Used with permission
PO7 manage human resources PO8 ensure compliance with external requirements PO9 assess risks IT Resources Information PO10 manage projects PO11 manage quality • Data • Effectiveness • Application Systems • Efficiency • Technology • Confidentiality • Facilities • Integrity • People • Availability • Compliance • Reliability Plan and Organise Monitor And Evaluate Acquire and Implement M1 monitor the processes M2 assess internal control adequacy M3 obtain independent assurance M4 provide for independent audit Deliver and Support DS4 Ensure continuous service DS5 Ensure systems security AI1 identify automated solutions DS7 Educate and train users AI2 acquire and maintain application software DS8 Assist and advise IT customers AI3 acquire and maintain technology infrastructure DS9 Manage the configuration AI4 develop and maintain procedures DS10 Manage problems and incidents AI5 install and accredit systems DS11 Manage data AI6 manage changes COBIT Copyright The Information Technology Governance Institute, All rights reserved. Used with permission
Control Process P06 – Control over the IT process of communicating management aims and direction that satisfies the business requirement of to provide automated process that satisfies the business requirement to ensure user awareness and understanding of those aims is enabled by policies established and communicated to the user community; furthermore, standards need to be established to translate the strategic options into practical and usable user rules and takes into consideration • clearly articulated mission • technology directives linked to business aims • code of conduct/ethics • quality commitment • security and internal control policies • security and internal control practices • lead-by-example • continuous communications programme • providing guidance and checking compliance
Questions, Comments, and Discussion How to Contact Me: Christopher Byrne iscontrolscaddy@gmail.com Techies Cartoon Copyright 2000 Jeff Larson, All Rights Reserved, Permission Pending
E-Mail Compliance Frameworks in the Real World
E-Mail Compliance Frameworks in the Real World

More Related Content

PPT
Joburg cobit assurance
byAldee2013
 
PDF
Valuendo cyberwar and security (okt 2011) handout
byMarc Vael
 
PPTX
Information governance process & technology
byGNetadmin
 
PPTX
Enterprise Mobility Strategy Webinar by Endeavour
byEndeavour Software Technologies
 
PDF
G7 tech solutions corporate profile
byG7TechSolutons
 
PDF
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
byIBM Sverige
 
PDF
Data lifecycle mgmt_destruction
byH Contrex
 
PDF
Information Governance
byVicky Makhija
 
Joburg cobit assurance
byAldee2013
 
Valuendo cyberwar and security (okt 2011) handout
byMarc Vael
 
Information governance process & technology
byGNetadmin
 
Enterprise Mobility Strategy Webinar by Endeavour
byEndeavour Software Technologies
 
G7 tech solutions corporate profile
byG7TechSolutons
 
Kostnadseffektiv implementation av IT-säkerhetsstrategi – Accenture - IBM Sma...
byIBM Sverige
 
Data lifecycle mgmt_destruction
byH Contrex
 
Information Governance
byVicky Makhija
 

What's hot

PDF
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
byIBM Sverige
 
PDF
The Relationship Between ITG and ITSM Lifecycles
byPradeepBhanot
 
PDF
IT Governance Assessment / Audit - Product Solution
byArul Nambi
 
PPTX
Security models for security architecture
byVladimir Jirasek
 
PDF
Day 2 p1 - operate simply
byLilian Schaffer
 
PDF
Valiente Balancing It SecurityCompliance, Complexity & Cost
byGuardEra Access Solutions, Inc.
 
PDF
Strategic governance performance_management_systems
byRamsés Gallego
 
PDF
IT GOVERNANCE OUTSOURCING
byArul Nambi
 
PDF
Afac device-security-july-7-2014v7-2
byKBIZEAU
 
PPTX
Tatakelola Teknologi Informasi
byCahyo Darujati
 
PDF
Secure Enterprise Cloud
byIndu Kodukula
 
PDF
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
byIBM Sverige
 
PDF
From technology risk_to_enterprise_risk_the_new_frontier
byRamsés Gallego
 
PDF
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
byDFLABS SRL
 
PPTX
Sw keynote
bygueste69f645
 
PDF
Solvency - II Programme Setup
bygainline
 
PDF
Security In A Hybrid MAM and MDM World
byApperian
 
PDF
Abb solutions-for-asset-management-the-competitive-advantage2238
byThomas Björklund
 
PDF
CobIT presentation
byMarc Vael
 
PPTX
IT Outsourcing - The GM Way
byuapippo
 
Kostnadseffektiv implementation av er IT-säkerhetsstrategi - PCTY 2011
byIBM Sverige
 
The Relationship Between ITG and ITSM Lifecycles
byPradeepBhanot
 
IT Governance Assessment / Audit - Product Solution
byArul Nambi
 
Security models for security architecture
byVladimir Jirasek
 
Day 2 p1 - operate simply
byLilian Schaffer
 
Valiente Balancing It SecurityCompliance, Complexity & Cost
byGuardEra Access Solutions, Inc.
 
Strategic governance performance_management_systems
byRamsés Gallego
 
IT GOVERNANCE OUTSOURCING
byArul Nambi
 
Afac device-security-july-7-2014v7-2
byKBIZEAU
 
Tatakelola Teknologi Informasi
byCahyo Darujati
 
Secure Enterprise Cloud
byIndu Kodukula
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
byIBM Sverige
 
From technology risk_to_enterprise_risk_the_new_frontier
byRamsés Gallego
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
byDFLABS SRL
 
Sw keynote
bygueste69f645
 
Solvency - II Programme Setup
bygainline
 
Security In A Hybrid MAM and MDM World
byApperian
 
Abb solutions-for-asset-management-the-competitive-advantage2238
byThomas Björklund
 
CobIT presentation
byMarc Vael
 
IT Outsourcing - The GM Way
byuapippo
 

Similar to E-Mail Compliance Frameworks in the Real World

PDF
Valuendo cyberwar and security (jan 2012) handout
byMarc Vael
 
PPTX
SUIT Showdown 2010
bypranalilad
 
PDF
IT governance by Erik Guldentops
byCONFENIS 2012
 
PDF
How to implement interoperability
byE-Government Center Moldova
 
PDF
Gestión de Gobierno, Riesgos y Reglamentaciones (GRC)
byRafael Antona
 
PDF
IT Control Objectives for SOX
byMahesh Patwardhan
 
PDF
Cobit 4.1 Highlights
bygeoffharmer
 
PDF
Qualified Audit Partners Governance, Audit It, Audit Training
byPatrick Soenen
 
PDF
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...
bySilverStormSolutions
 
PPTX
IT Governance - OpenThinking Day
byIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
PPTX
Simplifying IT GRC
byanand choudhary
 
PDF
ISO 27001 - IMPLEMENTATION CONSULTING
byArul Nambi
 
PPTX
5. cobit 4 1 assessmnt present. techniques
byAbuallia
 
PDF
High Level Intro
byfaisalsadaf
 
PDF
Corporate Presentation
byArul Nambi
 
PDF
What is Cobit
byBen Kalland
 
PPT
Bpr Process Modeling
byrlynes
 
PDF
COBIT & Other Models Comparisons
bySrinivasan Hariharan
 
PDF
Presentation Infra And Cobit
bycleenknecht
 
PDF
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
byAndris Soroka
 
Valuendo cyberwar and security (jan 2012) handout
byMarc Vael
 
SUIT Showdown 2010
bypranalilad
 
IT governance by Erik Guldentops
byCONFENIS 2012
 
How to implement interoperability
byE-Government Center Moldova
 
Gestión de Gobierno, Riesgos y Reglamentaciones (GRC)
byRafael Antona
 
IT Control Objectives for SOX
byMahesh Patwardhan
 
Cobit 4.1 Highlights
bygeoffharmer
 
Qualified Audit Partners Governance, Audit It, Audit Training
byPatrick Soenen
 
SilverStorm "Credibility and Collaboration to achieve excellence in IT Govern...
bySilverStormSolutions
 
IT Governance - OpenThinking Day
byIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Simplifying IT GRC
byanand choudhary
 
ISO 27001 - IMPLEMENTATION CONSULTING
byArul Nambi
 
5. cobit 4 1 assessmnt present. techniques
byAbuallia
 
High Level Intro
byfaisalsadaf
 
Corporate Presentation
byArul Nambi
 
What is Cobit
byBen Kalland
 
Bpr Process Modeling
byrlynes
 
COBIT & Other Models Comparisons
bySrinivasan Hariharan
 
Presentation Infra And Cobit
bycleenknecht
 
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
byAndris Soroka
 

More from Chris Byrne

PPTX
Prep family lecture_shepherd
byChris Byrne
 
PPTX
Tbi rehab family_lecture
byChris Byrne
 
PPT
"Super 11" Sports Information Departments Selected by FWAA
byChris Byrne
 
PPT
Jim Nantz's Top 25 Moments in 25 Years At CBS Sports
byChris Byrne
 
PPT
CBS Sports, the World, Pop Culture, and the Super Bowl
byChris Byrne
 
PPT
Ten Things to Call “The Big Game” on “Fantastic Sabbath Day”
byChris Byrne
 
PPT
Top 10 Tweets for #ESPNFavreRulesforAll
byChris Byrne
 
PDF
Handling the Human Side of E-Mail Administration
byChris Byrne
 
PDF
Privacy Matters for Lotus Notes & Domino Professionals
byChris Byrne
 
Prep family lecture_shepherd
byChris Byrne
 
Tbi rehab family_lecture
byChris Byrne
 
"Super 11" Sports Information Departments Selected by FWAA
byChris Byrne
 
Jim Nantz's Top 25 Moments in 25 Years At CBS Sports
byChris Byrne
 
CBS Sports, the World, Pop Culture, and the Super Bowl
byChris Byrne
 
Ten Things to Call “The Big Game” on “Fantastic Sabbath Day”
byChris Byrne
 
Top 10 Tweets for #ESPNFavreRulesforAll
byChris Byrne
 
Handling the Human Side of E-Mail Administration
byChris Byrne
 
Privacy Matters for Lotus Notes & Domino Professionals
byChris Byrne
 

Recently uploaded

DOCX
How to Buy Old Gmail Accounts Smartly_ 5 Easy Methods (2025) (1).docx
byusnewit shop
 
PDF
Best 11 Places to Purchase Mature Twitter Accounts for Marketing.pdf
byjaksontinder24
 
PDF
Dubai Multi Commodities Centre (DMCC) – Supplier Code of Conduct Policy
byDubai Multi Commodity Centre
 
DOCX
How to Buy Verified Wise Accounts .docx
byGoogle Business Site Google & Gmail / Buy Old Gmail Accounts
 
PDF
TikTok Seller Accounts in 2025_ Social Commerce, Trust Signals.pdf
bykeb2bq5cegc6m2xa32ay
 
PDF
how to Buy linkedin Accounts in 2026 .pdf
bywc0fr9qf43i5qo5kn3
 
DOCX
Premium Aged Gmail Accounts – Instant Delivery.docx
byallsmmseo
 
PDF
Step-by-Step Guide to Buying LinkedIn Accounts in 2026.pdf
byasikurrhmanxyzit
 
PDF
Comprehensive consulting casebook from FMS Delhi (2023–24), covering framewor...
byAnshulchauhan866815
 
PDF
Co-operative and Mutual Economy 2025.pdf
byHenry Tapper
 
PDF
When Paychecks Stop: Are We Financially Ready
byAurumCapital
 
PDF
J Hamilton - Pensions Playpen 16.12.2025 (1).pdf
byHenry Tapper
 
PDF
How to Buy Facebook accounts for professional brand ....pdf
bykeb2bq5cegc6m2xa32ay
 
PDF
How to Buy Snapchat Accounts in 2026 first year .pdf
bywc0fr9qf43i5qo5kn3
 
PDF
The Easiest Way to Buy Snapchat Accounts (1).pdf
byidc1w3adizw383go
 
PDF
Where to Buy Verified Chime Accounts for Quick ....pdf
bykmn4gloa39pwajpujj
 
PDF
Where to Buy LinkedIn Accounts_ [12 Best Site.pdf
bykeb2bq5cegc6m2xa32ay
 
PDF
How to Buy a USA Facebook Accounts Safely.pdf
byyl62ghphl9tyxn3q8lv5
 
PDF
How to Buy Snapchat Account A Step-by-Step Guide..pdf
byidc1w3adizw383go
 
PDF
Top 10 Websites to Buy Facebook Accounts Tone.pdf
byidc1w3adizw383go
 
How to Buy Old Gmail Accounts Smartly_ 5 Easy Methods (2025) (1).docx
byusnewit shop
 
Best 11 Places to Purchase Mature Twitter Accounts for Marketing.pdf
byjaksontinder24
 
Dubai Multi Commodities Centre (DMCC) – Supplier Code of Conduct Policy
byDubai Multi Commodity Centre
 
How to Buy Verified Wise Accounts .docx
byGoogle Business Site Google & Gmail / Buy Old Gmail Accounts
 
TikTok Seller Accounts in 2025_ Social Commerce, Trust Signals.pdf
bykeb2bq5cegc6m2xa32ay
 
how to Buy linkedin Accounts in 2026 .pdf
bywc0fr9qf43i5qo5kn3
 
Premium Aged Gmail Accounts – Instant Delivery.docx
byallsmmseo
 
Step-by-Step Guide to Buying LinkedIn Accounts in 2026.pdf
byasikurrhmanxyzit
 
Comprehensive consulting casebook from FMS Delhi (2023–24), covering framewor...
byAnshulchauhan866815
 
Co-operative and Mutual Economy 2025.pdf
byHenry Tapper
 
When Paychecks Stop: Are We Financially Ready
byAurumCapital
 
J Hamilton - Pensions Playpen 16.12.2025 (1).pdf
byHenry Tapper
 
How to Buy Facebook accounts for professional brand ....pdf
bykeb2bq5cegc6m2xa32ay
 
How to Buy Snapchat Accounts in 2026 first year .pdf
bywc0fr9qf43i5qo5kn3
 
The Easiest Way to Buy Snapchat Accounts (1).pdf
byidc1w3adizw383go
 
Where to Buy Verified Chime Accounts for Quick ....pdf
bykmn4gloa39pwajpujj
 
Where to Buy LinkedIn Accounts_ [12 Best Site.pdf
bykeb2bq5cegc6m2xa32ay
 
How to Buy a USA Facebook Accounts Safely.pdf
byyl62ghphl9tyxn3q8lv5
 
How to Buy Snapchat Account A Step-by-Step Guide..pdf
byidc1w3adizw383go
 
Top 10 Websites to Buy Facebook Accounts Tone.pdf
byidc1w3adizw383go
 

E-Mail Compliance Frameworks in the Real World

  • 3.
    Why We AreHere What compliance and governance is and why you should care Distinguishing Myth from Reality Going Beyond “Just Good Enough” Approaches Introduction to Compliance Frameworks Balancing Competing Frameworks: Apples & Oranges? Implementing Compliance Frameworks E-Mail Management Issues to Be Addressed On-Line resources What do you need to take home?
  • 5.
  • 6.
  • 7.
    We want toknow how far it is to the hole…
  • 8.
  • 10.
    Compliance is Everywhere At last count, there are at least 200 international regulatory & legal drivers that must be complied with as tracked by IBM Business Consulting Services
  • 11.
    Compliance is Everywhere Sarbanes-OxleyFTC SEC rule 17a-4 Patriot Act European Union Privacy Laws California Security Breach Notice Law FDA BASEL II FMFIA HIPAA Financial Services Modernization FISMAV) Act of 1999 (GLBA, Gramm-Leach-Bliley Act, Title
  • 12.
    Compliance is Everywhere Andit makes C-Level executives and and their employees want to just…
  • 13.
    Compliance is Everywhere CorporateGovernance is not an option… Resistance is not only futile…
  • 14.
    Compliance is Everywhere …butcan take you from this…
  • 15.
  • 16.
  • 17.
  • 18.
  • 25.
    Information technology isso embedded in the operations of an enterprise that strong IT Governance is needed to support corporate governance objectives and compliance requirements.
  • 26.
    Business Goals, objectivesand specific requirements drive IT, not the other way around
  • 29.
    COBIT Copyright TheInformation Technology Governance Institute, All rights reserved. Used with permission
  • 31.
    (IT Strategy andPolicy) Requirements Direction Control Goals Responsibilities Objectives Business Governance Business Needs to Information (IT Achieve Its Objectives Control, Risk and Assurance) IT Governance COBIT Copyright The Information Technology Governance Institute, All rights reserved. Used with permission
  • 33.
    IT Resources Information • Data • Effectiveness • Application Systems • Efficiency • Technology • Confidentiality • Facilities • Integrity • People • Availability • Compliance • Reliability Plan and Organise Monitor And Evaluate Acquire and Implement Deliver and Support COBIT Copyright The Information Technology Governance Institute, All rights reserved. Used with permission
  • 34.
    PO7 manage humanresources PO8 ensure compliance with external requirements PO9 assess risks IT Resources Information PO10 manage projects PO11 manage quality • Data • Effectiveness • Application Systems • Efficiency • Technology • Confidentiality • Facilities • Integrity • People • Availability • Compliance • Reliability Plan and Organise Monitor And Evaluate Acquire and Implement M1 monitor the processes M2 assess internal control adequacy M3 obtain independent assurance M4 provide for independent audit Deliver and Support DS4 Ensure continuous service DS5 Ensure systems security AI1 identify automated solutions DS7 Educate and train users AI2 acquire and maintain application software DS8 Assist and advise IT customers AI3 acquire and maintain technology infrastructure DS9 Manage the configuration AI4 develop and maintain procedures DS10 Manage problems and incidents AI5 install and accredit systems DS11 Manage data AI6 manage changes COBIT Copyright The Information Technology Governance Institute, All rights reserved. Used with permission
  • 35.
    Control Process P06– Control over the IT process of communicating management aims and direction that satisfies the business requirement of to provide automated process that satisfies the business requirement to ensure user awareness and understanding of those aims is enabled by policies established and communicated to the user community; furthermore, standards need to be established to translate the strategic options into practical and usable user rules and takes into consideration • clearly articulated mission • technology directives linked to business aims • code of conduct/ethics • quality commitment • security and internal control policies • security and internal control practices • lead-by-example • continuous communications programme • providing guidance and checking compliance
  • 56.
    Questions, Comments, and Discussion How to Contact Me: Christopher Byrne iscontrolscaddy@gmail.com Techies Cartoon Copyright 2000 Jeff Larson, All Rights Reserved, Permission Pending