1 December 2022| In-person: Copenhagen, Denmark
Don’t let Microsoft 365 Governance and Compliance be a roll of the dice.
No matter the size of your business, data protection and compliance is critical.
1. Data is exploding
2. Data regulations are increasing around the world
3. Everyone is at risk of a data breach
Yet data security and compliance can feel overwhelming.
Let me show you how the Microsoft 365 Governance, Risk, and Compliance maturity model can help you reduce risk and improve compliance effectiveness by building a strategy for protecting and managing sensitive and business-critical data.
Dont let governance risk and compliance be a roll of the device | Modern Wor...Nikki Chapple
27 March 2023: Modern Workplace Conference Paris 2023 | In-person: Paris, France
Don't let Microsoft 365 Governance and Compliance be a roll of the dice.
No matter the size of your business, data protection and compliance is critical.
1. Data is exploding
2. Data regulations are increasing around the world
3. Everyone is at risk of a data breach
Yet data security and compliance can feel overwhelming.
Let me show you how the Microsoft 365 Governance, Risk, and Compliance maturity model can help you reduce risk and improve compliance effectiveness by building a strategy for protecting and managing sensitive and business-critical data.
Governance, Risk and Compliance and you | CollabDays Bletchley Park 2022Nikki Chapple
5 October 2022: CollabDays Bletchley Park 2022 - October edition | In-person event United Kingdom
Governance, Risk and Compliance and you – Microsoft Purview and beyond | Simon Hudson & Nikki Chapple
Governance, Risk and Compliance; it’s not nice to have, It’s The Law. Every organisation needs to pay attention to GRC, but not everyone has the tools, expertise or strategy. Microsoft Purview is a surprisingly capable tool in your organisation’s GRC tool bag when combined with a broad & competent approach. This session will provide: – an overview of GRC obligations and approaches – what’s in Purview – pragmatic approaches to elevating your Compliance Score – wider technical and business thinking for de-risking your operations and organisation – thoughts on using the Maturity Model for Microsoft 365 GRC Competency to set your objectives.
Microsoft 365 Governance Risk and Compliance Maturity model | MM4M365 practit...Nikki Chapple
Organizations face increasing complexity and change in regulatory environments, calling for a more structured approach for managing Governance, Risk, and Compliance (GRC).
The Governance, Risk, and Compliance Competency is focused on helping an organization reduce risk and improve compliance effectiveness by implementing a framework for compliance and risk management.
https://learn.microsoft.com/en-us/microsoft-365/community/microsoft365-maturity-model--governance-and-compliance?WT.mc_id=M365-MVP-5004747
Are you managing GRC in the most effective manner? Is it contributing to business governance or becoming a burden ? We will discuss the current state of GRC and recognized business drivers as well as supportive risk management infrastructures. Strategies for the alignment of business interests with enterprise GRC programs to establish a complete, auditable, less time consuming program which benefits from management visibility and compliance readiness will additionally be presented. Utilize GRC to manage your business, not to burden it.
James P Finn, Modulo
James has twenty five years experience in security and disaster recovery consulting, managing and delivering enterprise solutions to more than 200 worldwide commercial and government clients.
He has held various management and consulting positions in the information security field including as a worldwide IBM Corporate Auditor for Information Security reporting to the Corporation’s Board of Directors and the as the founding Principal of both the IBM and Unisys Security Consulting Practices and as Vice President of Risk Management for Modulo.
He has consulted in more than 38 countries (U.S., Asia, Europe, South America) on business, technical security and recovery solutions to assist clients to achieve and maintain effective goverance across the full spectrum of security and business recovery disciplines. James is a Microsoft MSRA trained assessor, a KPMG trained SOX auditor and also holds Business Continuity certifications.
He is frequently requested as a speaker at international industry conferences, live webcasts and TV and radio news shows and is the author of over 50 media articles on computer security
Building an effective Information Security RoadmapElliott Franklin
As company information security functions continue to grow each year with increasing attacks and regulations, how are you handling the
pressure? Are you constantly battling to run the business projects and reacting to customer requests? Have you blocked off a few hours each week
on your calendar to close your email, turn off your phone and try to build, assess and maintain an effective vision for your security team? This
presentation will discuss a cascading approach to creating such a roadmap that is easily understood by executives and has helped gain quick buy
in for multiple enterprise wide security projects.
Cracking the Code- Expert Tips for Mastering GRC CollabDays Bletchley Sept 23...Nikki Chapple
Adopting successful Governance, Risk, and Compliance (GRC) can be challenging and risky, especially with data risks, regulatory exposure, and managing sensitive information. But with the right tools and implementation programmes, you can crack the code of GRC.
In this session, our experts will provide insider tips and quick wins, as well as useful resources, for building an effective GRC posture using the tools across the Microsoft cloud, including Microsoft Purview and other Microsoft 365 tools and services. We'll share real-world experiences on implementing effective GRC strategies and provide practical guidance on how to overcome key challenges organizations face with GRC.
You'll leave the session with 3 key takeaways: how to get started, where to find quick wins, and how to build GRC momentum and demonstrate improvements in your organization's GRC posture. You'll gain valuable insights and best practices for decoding the complexities of GRC in Microsoft 365.
Dont let governance risk and compliance be a roll of the device | Modern Wor...Nikki Chapple
27 March 2023: Modern Workplace Conference Paris 2023 | In-person: Paris, France
Don't let Microsoft 365 Governance and Compliance be a roll of the dice.
No matter the size of your business, data protection and compliance is critical.
1. Data is exploding
2. Data regulations are increasing around the world
3. Everyone is at risk of a data breach
Yet data security and compliance can feel overwhelming.
Let me show you how the Microsoft 365 Governance, Risk, and Compliance maturity model can help you reduce risk and improve compliance effectiveness by building a strategy for protecting and managing sensitive and business-critical data.
Governance, Risk and Compliance and you | CollabDays Bletchley Park 2022Nikki Chapple
5 October 2022: CollabDays Bletchley Park 2022 - October edition | In-person event United Kingdom
Governance, Risk and Compliance and you – Microsoft Purview and beyond | Simon Hudson & Nikki Chapple
Governance, Risk and Compliance; it’s not nice to have, It’s The Law. Every organisation needs to pay attention to GRC, but not everyone has the tools, expertise or strategy. Microsoft Purview is a surprisingly capable tool in your organisation’s GRC tool bag when combined with a broad & competent approach. This session will provide: – an overview of GRC obligations and approaches – what’s in Purview – pragmatic approaches to elevating your Compliance Score – wider technical and business thinking for de-risking your operations and organisation – thoughts on using the Maturity Model for Microsoft 365 GRC Competency to set your objectives.
Microsoft 365 Governance Risk and Compliance Maturity model | MM4M365 practit...Nikki Chapple
Organizations face increasing complexity and change in regulatory environments, calling for a more structured approach for managing Governance, Risk, and Compliance (GRC).
The Governance, Risk, and Compliance Competency is focused on helping an organization reduce risk and improve compliance effectiveness by implementing a framework for compliance and risk management.
https://learn.microsoft.com/en-us/microsoft-365/community/microsoft365-maturity-model--governance-and-compliance?WT.mc_id=M365-MVP-5004747
Are you managing GRC in the most effective manner? Is it contributing to business governance or becoming a burden ? We will discuss the current state of GRC and recognized business drivers as well as supportive risk management infrastructures. Strategies for the alignment of business interests with enterprise GRC programs to establish a complete, auditable, less time consuming program which benefits from management visibility and compliance readiness will additionally be presented. Utilize GRC to manage your business, not to burden it.
James P Finn, Modulo
James has twenty five years experience in security and disaster recovery consulting, managing and delivering enterprise solutions to more than 200 worldwide commercial and government clients.
He has held various management and consulting positions in the information security field including as a worldwide IBM Corporate Auditor for Information Security reporting to the Corporation’s Board of Directors and the as the founding Principal of both the IBM and Unisys Security Consulting Practices and as Vice President of Risk Management for Modulo.
He has consulted in more than 38 countries (U.S., Asia, Europe, South America) on business, technical security and recovery solutions to assist clients to achieve and maintain effective goverance across the full spectrum of security and business recovery disciplines. James is a Microsoft MSRA trained assessor, a KPMG trained SOX auditor and also holds Business Continuity certifications.
He is frequently requested as a speaker at international industry conferences, live webcasts and TV and radio news shows and is the author of over 50 media articles on computer security
Building an effective Information Security RoadmapElliott Franklin
As company information security functions continue to grow each year with increasing attacks and regulations, how are you handling the
pressure? Are you constantly battling to run the business projects and reacting to customer requests? Have you blocked off a few hours each week
on your calendar to close your email, turn off your phone and try to build, assess and maintain an effective vision for your security team? This
presentation will discuss a cascading approach to creating such a roadmap that is easily understood by executives and has helped gain quick buy
in for multiple enterprise wide security projects.
Cracking the Code- Expert Tips for Mastering GRC CollabDays Bletchley Sept 23...Nikki Chapple
Adopting successful Governance, Risk, and Compliance (GRC) can be challenging and risky, especially with data risks, regulatory exposure, and managing sensitive information. But with the right tools and implementation programmes, you can crack the code of GRC.
In this session, our experts will provide insider tips and quick wins, as well as useful resources, for building an effective GRC posture using the tools across the Microsoft cloud, including Microsoft Purview and other Microsoft 365 tools and services. We'll share real-world experiences on implementing effective GRC strategies and provide practical guidance on how to overcome key challenges organizations face with GRC.
You'll leave the session with 3 key takeaways: how to get started, where to find quick wins, and how to build GRC momentum and demonstrate improvements in your organization's GRC posture. You'll gain valuable insights and best practices for decoding the complexities of GRC in Microsoft 365.
The CISA is a globally reputed certification for security professionals who audit, monitor, and assess organizations’ information systems and business operations. The certification showcases the candidate’s auditing experience, knowledge, and skills to evaluate vulnerabilities, report on compliance, and institute controls within the enterprise.
Register Here: https://www.infosectrain.com/courses/cisa-certification-training/
Whether you are already utilizing Office 365 or are planning to move, it's important to understand the ever-changing security threat landscape and how you can protect your digital estate.
Don't miss our webinar to learn how to proactively safeguard your company against threats with the help of Microsoft 365.
Int his webinar we address the security challenges we are seeing in 2020 and show you areas of Microsoft 365 that can help you:
- Protect and govern data where it lives
- Identify and remediate critical insider risks
- Investigate and respond with relevant data
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear LLC
Maclear specializes in enterprise governance, risk and compliance (eGRC) solutions. The IT GRC Solution integrates various business functions such as IT governance, policy management, risk management, compliance management, audit management, and incident management. Enables an automated and workflow driven approach to managing, communicating and implementing IT policies and procedures across the enterprise
Read More at: http://www.maclear-grc.com/
Real World Governance Risk and Compliance | European Collaboration Summit 2023Nikki Chapple
22-24 May 2023: European Collaboration Summit | In-person: Dusseldorf, Germany
Real World Governance, Risk and Compliance - adopting Microsoft Purview and beyond by Nikki Chapple and Simon Hudson
Governance, Risk and Compliance; it's not an IT task, it's a business programme. While every organisation needs to 'do' GRC, not everyone has the expertise, has defined a strategy or has developed the tools and processes. Microsoft Purview has breadth and depth, but even it is just one of the tools your organisation needs and needs to be extended with people, processes and other technologies. This session will provide: - An overview of GRC obligations and approaches - An overview of what's in Purview and what's not - A pragmatic approach to elevating your Compliance Score - Wider technical and business thinking for derisking your operations and organisation - A perspective from a Senior Information Risk Officer in a regulated company - Thoughts on using the Maturity Model for Microsoft 365 GRC Competency to monitor your programme of work.
Savings, security, and stability: how ShareGate benefits everyonesammart93
PowerPoint presentation of the live event tackling:
- What is Microsoft 365 governance, and why is it important
- The challenges of managing Microsoft 365
- The hidden costs of ad-hoc management
- Enhancing collaboration through automation
Feel free to use this presentation should you need to make the case for ShareGate to upper management as a tool for automated governance in Microsoft 365!
Using ML to Protect Customer Privacy by fmr Amazon Sr PMProduct School
Main Takeaways:
- Understand the importance of proactively thinking about customer privacy and why ML-based solutions are ideal to tackle that problem
- Bootstrapping an ML workflow and leading your ML scientists through the different steps - goal setting, data collection, data labeling, picking the right ML model, validation, and setting goal success criteria
- Avoiding common pitfalls, not getting overwhelmed with data and complexity, and managing leadership expectations
Heureka Webinar – Security, the Growth Engine for eDiscovery ProfessionalsHeureka Software
Cybersecurity threats and data breaches cost companies millions of dollars in lost intellectual property, trade secrets and fines from mishandled privacy information.
Even worse, hackers increasingly see law firms as an easy target to acquire valuable data on clients.
And yet, many security folks still need the expertise gained from the legal/ediscovery world.
Heureka and special guest Donald A. Wochna, Esq. discuss the shift from eDiscovery to Security and back again!
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practiceitSMF UK
In this session, John provided advice on how to put together
sections of various best practice frameworks and ways of
working to best suit your organisational needs.
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...Precisely
Many insurance carriers are transforming the way they do business by deploying new software technologies, migrating data and services to the cloud, and leveraging artificial intelligence (AI) to speed decision-making. Data is at the heart of all these initiatives, and it has a direct impact on success or failure. When that data is integrated into upstream or downstream processes, it can also have a broader impact on the operational, analytical, and compliance needs of the organization. The traditional, and often ad-hoc, tools and processes that organizations employ to support data quality, data integrity, transaction reconciliation, and exception management are often inadequate. They do not provide the speed, technical agility, and intelligence demanded by digital transformation initiatives.
Join us to explore proven methods of how insurance carriers are maximizing ROI and minimizing the time-to-value of digital transformation initiatives by:
• Aligning data governance with organizational and project objectives to reduce implementation effort and duration
• Leveraging automated controls for data quality, including balance and reconciliation of data in motion to avoid operational disruptions and maintain regulatory compliance
• Increasing efficiency and capability through centralized data integrity solution
Prepare for success in the Certified Information Systems Auditor (CISA) Certification Exam to elevate your IT security career. Gain instant validation of your auditing, control, and information security skills. CISA Certification signifies expertise in assessing vulnerabilities, ensuring compliance, and strengthening controls within an enterprise. Position yourself for better opportunities with this renowned certification.
BKA renginio "Kaip tapti lyderiais IT valdymo, saugos ir audito srityje?" pranešimas apie CISM (Certified Information Security Manager) sertifikaciją. Renginys vyko balandžio 18 d., 2013.
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
Microsoft 365 Copilot is a revolutionary productivity assistant that leverages large language models (LLMs) and your organisational data to help you create, communicate, and collaborate more effectively across Microsoft 365 apps.
Copilot can assist you with various tasks, such as drafting emails, making presentations, processing data, and finding insights. But to make the most of this game-changing technology, you must master three key aspects: adoption, data security, and governance.
In this two-part session, a Microsoft 365 expert, Nikki will guide you through these aspects and show you how to use Copilot to boost your productivity, creativity, and confidence.
In the second part of the session, Nikki will concentrate on data security and governance. She will explain that implementing Microsoft 365 Copilot requires a strategic approach beyond just adopting the technology. To truly unlock its potential, you must prioritise governance and data security. Without these crucial components, you risk oversharing and surfacing outdated information.
Key takeaways:
– The risks of not addressing data security and governance as part of your Microsoft 365 Copilot transformation
– How to configure Microsoft 365 for “just enough access” to safeguard your sensitive data
– How to improve data governance to deliver more accurate and relevant recommendations
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
Microsoft 365 Copilot is a revolutionary productivity assistant that leverages large language models (LLMs) and your organisational data to help you create, communicate, and collaborate more effectively across Microsoft 365 apps.
Copilot can assist you with various tasks, such as drafting emails, making presentations, processing data, and finding insights. But to make the most of this game-changing technology, you must master three key aspects: adoption, data security, and governance.
In this two-part session, a Microsoft 365 expert, Nikki will guide you through these aspects and show you how to use Copilot to boost your productivity, creativity, and confidence.
In the first part of the session, Nikki will focus on adoption. She will explain that Copilot is not just a tool—it’s a mindset. It’s about embracing AI as a partner, not a threat. It’s about creating a culture of AI literacy in your organisation, where everyone can use Copilot’s features and understand its limits.
It’s about using Copilot to enhance your skills and outcomes, not to replace them.
Key takeaways:
– What Microsoft 365 Copilot is, and how it works
– How to build your business case for Microsoft 365 Copilot
– How to adopt Microsoft 365 Copilot in your organisation and overcome common barriers and challenges
More Related Content
Similar to Dont let governance risk and compliance be a roll of the dice | ESPC22
The CISA is a globally reputed certification for security professionals who audit, monitor, and assess organizations’ information systems and business operations. The certification showcases the candidate’s auditing experience, knowledge, and skills to evaluate vulnerabilities, report on compliance, and institute controls within the enterprise.
Register Here: https://www.infosectrain.com/courses/cisa-certification-training/
Whether you are already utilizing Office 365 or are planning to move, it's important to understand the ever-changing security threat landscape and how you can protect your digital estate.
Don't miss our webinar to learn how to proactively safeguard your company against threats with the help of Microsoft 365.
Int his webinar we address the security challenges we are seeing in 2020 and show you areas of Microsoft 365 that can help you:
- Protect and govern data where it lives
- Identify and remediate critical insider risks
- Investigate and respond with relevant data
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear LLC
Maclear specializes in enterprise governance, risk and compliance (eGRC) solutions. The IT GRC Solution integrates various business functions such as IT governance, policy management, risk management, compliance management, audit management, and incident management. Enables an automated and workflow driven approach to managing, communicating and implementing IT policies and procedures across the enterprise
Read More at: http://www.maclear-grc.com/
Real World Governance Risk and Compliance | European Collaboration Summit 2023Nikki Chapple
22-24 May 2023: European Collaboration Summit | In-person: Dusseldorf, Germany
Real World Governance, Risk and Compliance - adopting Microsoft Purview and beyond by Nikki Chapple and Simon Hudson
Governance, Risk and Compliance; it's not an IT task, it's a business programme. While every organisation needs to 'do' GRC, not everyone has the expertise, has defined a strategy or has developed the tools and processes. Microsoft Purview has breadth and depth, but even it is just one of the tools your organisation needs and needs to be extended with people, processes and other technologies. This session will provide: - An overview of GRC obligations and approaches - An overview of what's in Purview and what's not - A pragmatic approach to elevating your Compliance Score - Wider technical and business thinking for derisking your operations and organisation - A perspective from a Senior Information Risk Officer in a regulated company - Thoughts on using the Maturity Model for Microsoft 365 GRC Competency to monitor your programme of work.
Savings, security, and stability: how ShareGate benefits everyonesammart93
PowerPoint presentation of the live event tackling:
- What is Microsoft 365 governance, and why is it important
- The challenges of managing Microsoft 365
- The hidden costs of ad-hoc management
- Enhancing collaboration through automation
Feel free to use this presentation should you need to make the case for ShareGate to upper management as a tool for automated governance in Microsoft 365!
Using ML to Protect Customer Privacy by fmr Amazon Sr PMProduct School
Main Takeaways:
- Understand the importance of proactively thinking about customer privacy and why ML-based solutions are ideal to tackle that problem
- Bootstrapping an ML workflow and leading your ML scientists through the different steps - goal setting, data collection, data labeling, picking the right ML model, validation, and setting goal success criteria
- Avoiding common pitfalls, not getting overwhelmed with data and complexity, and managing leadership expectations
Heureka Webinar – Security, the Growth Engine for eDiscovery ProfessionalsHeureka Software
Cybersecurity threats and data breaches cost companies millions of dollars in lost intellectual property, trade secrets and fines from mishandled privacy information.
Even worse, hackers increasingly see law firms as an easy target to acquire valuable data on clients.
And yet, many security folks still need the expertise gained from the legal/ediscovery world.
Heureka and special guest Donald A. Wochna, Esq. discuss the shift from eDiscovery to Security and back again!
John Mcdermott - Gold sponsor session: Hybrid - IT needs hybrid good practiceitSMF UK
In this session, John provided advice on how to put together
sections of various best practice frameworks and ways of
working to best suit your organisational needs.
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...Precisely
Many insurance carriers are transforming the way they do business by deploying new software technologies, migrating data and services to the cloud, and leveraging artificial intelligence (AI) to speed decision-making. Data is at the heart of all these initiatives, and it has a direct impact on success or failure. When that data is integrated into upstream or downstream processes, it can also have a broader impact on the operational, analytical, and compliance needs of the organization. The traditional, and often ad-hoc, tools and processes that organizations employ to support data quality, data integrity, transaction reconciliation, and exception management are often inadequate. They do not provide the speed, technical agility, and intelligence demanded by digital transformation initiatives.
Join us to explore proven methods of how insurance carriers are maximizing ROI and minimizing the time-to-value of digital transformation initiatives by:
• Aligning data governance with organizational and project objectives to reduce implementation effort and duration
• Leveraging automated controls for data quality, including balance and reconciliation of data in motion to avoid operational disruptions and maintain regulatory compliance
• Increasing efficiency and capability through centralized data integrity solution
Prepare for success in the Certified Information Systems Auditor (CISA) Certification Exam to elevate your IT security career. Gain instant validation of your auditing, control, and information security skills. CISA Certification signifies expertise in assessing vulnerabilities, ensuring compliance, and strengthening controls within an enterprise. Position yourself for better opportunities with this renowned certification.
BKA renginio "Kaip tapti lyderiais IT valdymo, saugos ir audito srityje?" pranešimas apie CISM (Certified Information Security Manager) sertifikaciją. Renginys vyko balandžio 18 d., 2013.
Similar to Dont let governance risk and compliance be a roll of the dice | ESPC22 (20)
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
Microsoft 365 Copilot is a revolutionary productivity assistant that leverages large language models (LLMs) and your organisational data to help you create, communicate, and collaborate more effectively across Microsoft 365 apps.
Copilot can assist you with various tasks, such as drafting emails, making presentations, processing data, and finding insights. But to make the most of this game-changing technology, you must master three key aspects: adoption, data security, and governance.
In this two-part session, a Microsoft 365 expert, Nikki will guide you through these aspects and show you how to use Copilot to boost your productivity, creativity, and confidence.
In the second part of the session, Nikki will concentrate on data security and governance. She will explain that implementing Microsoft 365 Copilot requires a strategic approach beyond just adopting the technology. To truly unlock its potential, you must prioritise governance and data security. Without these crucial components, you risk oversharing and surfacing outdated information.
Key takeaways:
– The risks of not addressing data security and governance as part of your Microsoft 365 Copilot transformation
– How to configure Microsoft 365 for “just enough access” to safeguard your sensitive data
– How to improve data governance to deliver more accurate and relevant recommendations
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
Microsoft 365 Copilot is a revolutionary productivity assistant that leverages large language models (LLMs) and your organisational data to help you create, communicate, and collaborate more effectively across Microsoft 365 apps.
Copilot can assist you with various tasks, such as drafting emails, making presentations, processing data, and finding insights. But to make the most of this game-changing technology, you must master three key aspects: adoption, data security, and governance.
In this two-part session, a Microsoft 365 expert, Nikki will guide you through these aspects and show you how to use Copilot to boost your productivity, creativity, and confidence.
In the first part of the session, Nikki will focus on adoption. She will explain that Copilot is not just a tool—it’s a mindset. It’s about embracing AI as a partner, not a threat. It’s about creating a culture of AI literacy in your organisation, where everyone can use Copilot’s features and understand its limits.
It’s about using Copilot to enhance your skills and outcomes, not to replace them.
Key takeaways:
– What Microsoft 365 Copilot is, and how it works
– How to build your business case for Microsoft 365 Copilot
– How to adopt Microsoft 365 Copilot in your organisation and overcome common barriers and challenges
Preparing for Microsoft 365 Copilot - Best Practices for Governance and Data ...Nikki Chapple
Microsoft 365 Copilot is a new technology that uses generative AI to help users create content, code, and data insights from within your Microsoft 365 Apps such as Word, Excel, PowerPoint, Outlook, Teams and Loop. It can boost productivity, creativity, and skills, but it also poses some challenges for governance and data security. To prepare for Microsoft 365 Copilot, users need to follow some best practices, such as:
- Assessing their technical , and data security readiness.
- Understand the importance of “Just enough access”
-How to build your data security and governance maturity by setting up data security, governance and access controls at the tenant level, the container (Team or Group) level and at the individual user level.
By following these best practices, users can ensure that they get the most out of Microsoft 365 Copilot while protecting their data and reputation.
Viva Security and Privacy CollabDays Bletchley Sept 23.pdfNikki Chapple
Session presented at CollabDays Bletchley September 2023.
Microsoft Viva is a platform that empowers employees to thrive in the digital workplace. It integrates tools for engagement, well-being, learning, knowledge, and analytics within Microsoft Teams.
But how secure and private is Microsoft Viva?
How does Microsoft protect your data and comply with regulations?
In this session, you will learn the answers to these questions and more. You will discover how Microsoft Viva safeguards your data and respects your privacy and how you can leverage its features with confidence
Commsverse 2023 Demystifying security and privacy in Viva | Commverse 2023Nikki Chapple
21-22 June 2023: Commsverse | In-person: Mercedes-Benz World, UK
Demystifying security & compliance in Microsoft Viva
Microsoft Viva is an employee experience platform that combines tools to support employee engagement and well-being, learning and knowledge management, and experience analytics, all delivered through Microsoft Teams.
Some organizations are reluctant to deploy Microsoft Viva due to data privacy, compliance, and security concerns.
This session demystifies Microsoft Viva to help you understand:
- How Microsoft ensures security and compliance across the different Microsoft Viva modules
- What roles are needed to manage the Viva modules
- What end user and IT controls are available
- Why communication is key
Demystifying security and compliance in Viva | European Collaboration Summit ...Nikki Chapple
22-24 May 2023: European Collaboration Summit | In-person: Dusseldorf, Germany
Demystifying security and compliance in Viva
Microsoft Viva is an employee experience platform that combines tools to support employee engagement and well-being, learning and knowledge management, and experience analytics, all delivered through Microsoft Teams. Some organizations are reluctant to deploy Microsoft Viva as they are concerned about data privacy, complianceMicrosoft Viva is an employee experience platform that combines tools to support employee engagement and well-being, learning and knowledge management, and experience analytics, all delivered through Microsoft Teams., and security. This session demystifies security & compliance in Microsoft Viva to help you understand the following: - What are the Viva modules - How Microsoft ensures security and compliance in Microsoft Viva, - Why governance and employee adoption are critical
Microsoft Viva governance and compliance implications | Viva Explorers Commun...Nikki Chapple
12 November: Viva Explorers Community Day | In-person: Manchester United Kingdom
Microsoft Viva governance and compliance implications
This session demystifies security & compliance in Microsoft Viva to help you understand the following:
- What are the Viva modules
- How Microsoft ensures security & compliance in Microsoft Viva
- Why governance is essential
- Why employee adoption & sponsor communications are critical
Implementing Microsoft Teams Lifecycle Governance to Stop Team Sprawl M365C...Nikki Chapple
11 November 2022: M365 Chicago - A Salute to Services! | Online event
Implementing Microsoft Teams lifecycle governance to stop Team sprawl.
Microsoft Teams empowers users to collaborate. However without governance it is easy for organizations to create thousands of Teams sites with no clear ownership and no lifecycle. This uncontrolled growth can quickly turn into sprawl resulting in an IT admin headache to manage and lead to user confusion and dissatisfaction as they struggle to identify which is the correct team to use.
This session will discuss best practices on how to implement Teams lifecycle management to manage your teams through the following stages:
1. Teams creation
2. Ongoing management
3. End of life
Build a Teams creation workflow using Power Automate | ESPC 22 Microsoft Team...Nikki Chapple
15 September 2022 ESPC 22 Microsoft Teams Week | Online event
Create a Simple Teams Creation Workflow using Power Automate
Use Lists and Power Automate to build a Team creation process to govern the creation of Teams.
This practical demonstration will show you how to enhance the standard Teams creation process by:
- using your own tailored Teams naming convention
- adding an approval step
- stopping duplicate Team names
- requiring multiple owners
- adding sensitivity label to allow or block guests and external sharing
Implementing Microsoft Teams lifecycle governance to stop Team sprawl | MN Mi...Nikki Chapple
11 July 2022: MN Microsoft 365 User Group (mn365.org) | Online event
Implementing Microsoft Teams lifecycle governance to stop Team sprawl
Deep dive into the pragmatic ways to manage Microsoft Team sprawl.
Microsoft Teams has become crucial in supporting remote and hybrid working, allowing users to work, collaborate, and learn from any location and any device.
However, for many organizations, the move to Microsoft Teams was in a direct response to the COVID -19 pandemic. Often the result was a tactical rather than a strategic deployment of Teams.
This has resulted in the uncontrolled growth of Teams. Leading to unforeseen challenges such as Team sprawl, stale content, duplicate content and general user confusion. This in turn increases the risks of data overexposure and the use of shadow IT by dissatisfied users.
In this session, I will look at.
-Why does Teams sprawl occur?
-What are the biggest risks of Teams sprawl?
-Why does governance need to extend beyond technology?
-How to mitigate the risk of Team sprawl through managing your workload and content lifecycle.
Build a Teams creation workflow using Power Automate | M365 Virtual Marathon ...Nikki Chapple
5 May 2022: Microsoft 365 Virtual Marathon 2022 | Online event
Build a Teams creation workflow using Power Automate
Use Lists and Power Automate to build a Team creation process to govern the creation of Teams. Build on the standard process to require a justification, an approval step, add multiple owners and apply your own naming standard.
Implementing Microsoft Teams Lifecycle Governance to Stop Team Sprawl | Virtu...Nikki Chapple
21 October 2022: Virtual M365 Friday Cincinnati | Online event
Implementing Microsoft Teams Lifecycle Governance to Stop Team Sprawl
Microsoft Teams empowers users to collaborate. However without governance it is easy for organizations to create thousands of Teams sites with no clear ownership and no lifecycle. This uncontrolled growth can quickly turn into sprawl resulting in an IT admin headache to manage and lead to user confusion and dissatisfaction as they struggle to identify which is the correct team to use.
This session will discuss best practices on how to implement Teams lifecycle management to manage your teams through the following stages:
1. Teams creation
2. Ongoing management
3. End of life
Implementing Microsoft Teams lifecycle governance to stop Team sprawl | Teams...Nikki Chapple
6 April 2022: Teams10X Virtual Summit | Online event
Implementing Microsoft Teams lifecycle governance to stop Team sprawl
Microsoft Teams empowers users to collaborate. However without governance it is easy for organizations to create thousands of Teams sites with no clear ownership and no lifecycle. This uncontrolled growth can quickly turn into sprawl resulting in an IT admin headache to manage and lead to user confusion and dissatisfaction as they struggle to identify which is the correct team to use.
This session will discuss best practices on how to implement Teams lifecycle management to manage your teams through the following stages:
1. Teams creation
2. Ongoing management
3. End of life
Using Power Automate to manage Microsoft 365 evergreen change | MN365 - April...Nikki Chapple
29 April 2022: Minnesota Microsoft 365 User group | Online event
Using Power Automate to manage Microsoft Teams evergreen change
Keeping up to date with the hundreds of changes in Microsoft 365 and Teams can be hard especially when multiple stakeholders are involved.
This session will demonstrate how you can use use Power Automate to enhance the standard Microsoft 365 Message Center sync to Planner. See how Power Automate can save you time by automatically:
1. Adding labels to categorize the changes
2. Assigning tasks to groups of users
3. Add standard checklists to allow you to quickly view progress
4. Notify stakeholders of up coming changes
5. Why multiple Planner Boards are not possible
Canadian Cloud summit - Build a Teams creation workflow using Power Automate ...Nikki Chapple
Use Lists and Power Automate to build a Team creation process to govern the creation of Teams.
This practical demonstration will show you how to enhance the standard Teams creation process by:
1 - using your own tailored Teams naming convention
2 - adding an approval step
3 - stopping duplicate Team names
4 - requiring multiple owners
5 - adding sensitivity label to allow or block guests and external sharing
Commsverse 2022 - Why you need to manage Microsoft Teams sprawl - Jun 2022Nikki Chapple
Microsoft Teams empowers users to collaborate. However without governance it is easy for organizations to create thousands of Teams sites with no clear ownership and no lifecycle. This uncontrolled growth can quickly turn into sprawl resulting in an IT admin headache to manage and lead to user confusion and dissatisfaction as they struggle to identify which is the correct team to use.
This session will discuss best practices on how to implement Teams lifecycle management to manage your teams through the following stages:
1. Teams creation
2. Ongoing management
3. End of life
Teams10X - Using Power Automate to Manage Teams evergreen change - Sep 2022Nikki Chapple
Keeping up to date with the hundreds of changes in Microsoft 365 and Teams can be hard, especially when multiple stakeholders are involved.
This session will demonstrate how to use Power Automate to enhance the standard Microsoft 365 Message Center sync to Planner. See how Power Automate can save you time by automatically:
1. Adding labels to categorize the changes
2. Assigning tasks to groups of users
3. Add standard checklists to allow you to quickly view progress
4. Notify stakeholders of up coming changes
5. Why multiple Planner Boards are not possible
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Dont let governance risk and compliance be a roll of the dice | ESPC22
1.
2. Don't let Microsoft 365 governance
and compliance be a roll of the
dice
Nikki Chapple | MVP
Principal Cloud Architect, CloudWay, UK
3. Nikki Chapple
• 30 years+ experience in IT & business transformation
• Passionate about Microsoft 365 governance & compliance
• Community speaker & blogger
• Co-host on the All things M365 compliance Podcast
nikkichapple
@chapplenikki
www.nikkichapple.com
All things M365 compliance
19. State of security maturity in the cloud environment
Not started
17%
Early stages
26%
Midstage
34%
Mature stage
23%
Ref: Cost of a Data Breach Report 2022 - United Kingdom | IBM
20. Most common findings in ransomware response engagements
Ref: Microsoft Digital Defense Report 2022 | Microsoft Security
65%
of companies lacked
information
protection control
21. Microsoft recommend 5 area to focus on
Ref: Microsoft Digital
Defense Report 2022
| Microsoft Security
23. What is a Maturity Model
100
Start-ups, new
teams and
rapidly created
processes
• plus failing
functions etc.
200
Maturing
organisations
and teams
• plus inefficient
and at-risk
functions
300
Established
organisations
• Stable but not
class leading
functions
400
Successful/
efficient
organisations,
functions and
processes
• Especially regulated
functions
500
Best of breed
• Exemplars
34. Baseline - Security Score
Scope
• Microsoft 365 (inc Exchange Online)
• Azure Active Directory
• Microsoft Defender for Endpoint
• Microsoft Defender for Identity
• Microsoft Defender for Cloud Apps
• Microsoft Teams
35. Baseline E5 licencing
Microsoft Compliance
Configuration Analyzer (MCCA)
• Microsoft Information Protection
• Data Loss Prevention
• Information Governance
• Records Management
• Insider Risk
• Communication Compliance
• Audit
• eDiscovery
https://bit.ly/3FegpM4
45. Level 200 Microsoft 365 posture - Limited
Security defaults in
Azure AD (MFA,
Privileged activities,
block legacy auth)
Manual Sensitivity
labels
Manual Retention
labels
46. Level 300 GRC Posture - Defined
GRC strategy
• Framework
established but
tactical
• Focus on Zero
Trust security
rather than
compliance
People
• Siloed roles &
individual
responsibilities.
Processes
• Tactical &
inconsistent
• Initial privacy risk
management
assessment
• Initial compliance
assessment
47. Level 300 Microsoft 365 posture - Basic
Recommended/
default labels
Sensitivity labels
for containers
Data Loss
Prevention
Org wide
retention
User & Container
lifecycle
governance
Compliance
Manager
baseline
Monitor Message
center
48. Level 400 GRC Posture - Predictable
GRC strategy
• Tailored, controlled &
measured
• Proactive
• Elevate your
compliance program
People
• Executive leadership
• Partnership - business,
IT & Security
• Dedicated roles.
Shared accountability
Processes
• Streamlined &
simplified with metrics
• GRC process to
identify, analyse,
control with
accountability
• Regular compliance &
privacy risk
assessments
49. Level 400 Microsoft 365 posture – Extend E5 licencing
Intelligent &
automated data
classification
Automated
protection &
retention
DLP for sensitive
data
Insider risk
management
Auditing to SIEM
Govern access
decisions based on
sensitivity
Discover and
manage shadow IT
in your network
Compliance
Manager
regulation
templates
Risk based access
controls
Endpoint
management
50. GRC
• Strategic with
continuous
assessment.
• External benchmarks
People
• Proactive
• Business enabler
• Continuous
improvement
• Best of breed
• Pervasive compliance
culture
Process
• Risk based
• Lifecycle management
• Business Continuity
management
• Continuous
improvement
• Extend to supply chain
Level 500 - Optimal
53. Practical steps
Establish board accountability
Agree strategy and priorities
Embed cultural change
Establish a programme for continuous improvement
Select initial priority areas for attention
Build tools & processes outside Purview for non-technical control
54. Best practices
You cannot go
from 1% to 100%
on one day
Take crawl-walk-
run approach
Manage based on
risk
Be realistic. Design
something that can be
implemented
You need to
know where you
are now
Involve the right
teams
57. References
• The Microsoft 365 Maturity Model – Governance, Risk, and Compliance
Competency | Microsoft Learn
• Cost of a Data Breach Report 2022 - United Kingdom | IBM
• Microsoft 365 Compliance Scenario based demo CAT Demo
• Microsoft Zero Trust Maturity Assessment Quiz
• The Comprehensive Playbook for Implementing Zero Trust Security
(azureedge.net)
• Compliance in the era of digital transformation