Submit Search
Upload
Inv306 going social in a world of grc v.1.1
•
0 likes
•
301 views
Arthur Fontaine
Follow
Lotusphere 2012 INV306 -- Going Social In A World of GRC
Read less
Read more
Technology
Business
Economy & Finance
Report
Share
Report
Share
1 of 22
Download now
Download to read offline
Recommended
Analisis de Riesgos O-ISM3
Analisis de Riesgos O-ISM3
Conferencias FIST
TripleTree eDiscovery
TripleTree eDiscovery
Chris Hoffmann
Enterprise cyber security
Enterprise cyber security
nsheel
A brief overview of operational risk
A brief overview of operational risk
Diane Christina
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
Andris Soroka
Riskpro Insurance Advisory Services
Riskpro Insurance Advisory Services
Rahul Bhan (CA, CIA, MBA)
2012 ReEnergize the Americas 3B: Gene Rodriguez
2012 ReEnergize the Americas 3B: Gene Rodriguez
Reenergize
About Acumin
About Acumin
GemmaPaterson
Recommended
Analisis de Riesgos O-ISM3
Analisis de Riesgos O-ISM3
Conferencias FIST
TripleTree eDiscovery
TripleTree eDiscovery
Chris Hoffmann
Enterprise cyber security
Enterprise cyber security
nsheel
A brief overview of operational risk
A brief overview of operational risk
Diane Christina
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
Andris Soroka
Riskpro Insurance Advisory Services
Riskpro Insurance Advisory Services
Rahul Bhan (CA, CIA, MBA)
2012 ReEnergize the Americas 3B: Gene Rodriguez
2012 ReEnergize the Americas 3B: Gene Rodriguez
Reenergize
About Acumin
About Acumin
GemmaPaterson
Basel II Risk Compliance Solution(Tasso ): Lera technologies
Basel II Risk Compliance Solution(Tasso ): Lera technologies
Lera Technologies
Feb2008 Monthly Slides 1
Feb2008 Monthly Slides 1
Nadir Hussain
Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...
xKinAnx
Dynamic Log Analysis™ Business Value Sheet
Dynamic Log Analysis™ Business Value Sheet
Clear Technologies
Information Governance-a programmatic perspective on driving value through RI...
Information Governance-a programmatic perspective on driving value through RI...
Ledjit
ITFM Business Brief
ITFM Business Brief
wdjohnson1
Security Maturity Model
Security Maturity Model
Conferencias FIST
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS UK
Is3 Capabilities Brief
Is3 Capabilities Brief
mageeb
iCode Security Architecture Framework
iCode Security Architecture Framework
Mohamed Ridha CHEBBI, CISSP
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking
CRTC Cloud Security- Jeff Crume
CRTC Cloud Security- Jeff Crume
KrisValerio
Information Security Maturity Model
Information Security Maturity Model
CSCJournals
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012
Seema Sheth-Voss
Simon Foley
Simon Foley
guest34c834
Return on Security Investment
Return on Security Investment
Conferencias FIST
CRI-Exec-Cyber-Briefings (1)
CRI-Exec-Cyber-Briefings (1)
OCTF Industry Engagement
Business oriented risk management approach luís martins
Business oriented risk management approach luís martins
Luis Martins
Riskpro Introduction
Riskpro Introduction
Manoj Jain
Riskpro brief introduction
Riskpro brief introduction
Rahul Bhan (CA, CIA, MBA)
BRIDGEi2i Risk Management Solutions
BRIDGEi2i Risk Management Solutions
BRIDGEi2i Analytics Solutions
Riskpro Information Risk Management
Riskpro Information Risk Management
Rahul Bhan (CA, CIA, MBA)
More Related Content
What's hot
Basel II Risk Compliance Solution(Tasso ): Lera technologies
Basel II Risk Compliance Solution(Tasso ): Lera technologies
Lera Technologies
Feb2008 Monthly Slides 1
Feb2008 Monthly Slides 1
Nadir Hussain
Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...
xKinAnx
Dynamic Log Analysis™ Business Value Sheet
Dynamic Log Analysis™ Business Value Sheet
Clear Technologies
Information Governance-a programmatic perspective on driving value through RI...
Information Governance-a programmatic perspective on driving value through RI...
Ledjit
ITFM Business Brief
ITFM Business Brief
wdjohnson1
Security Maturity Model
Security Maturity Model
Conferencias FIST
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS UK
Is3 Capabilities Brief
Is3 Capabilities Brief
mageeb
iCode Security Architecture Framework
iCode Security Architecture Framework
Mohamed Ridha CHEBBI, CISSP
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking
CRTC Cloud Security- Jeff Crume
CRTC Cloud Security- Jeff Crume
KrisValerio
Information Security Maturity Model
Information Security Maturity Model
CSCJournals
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012
Seema Sheth-Voss
Simon Foley
Simon Foley
guest34c834
Return on Security Investment
Return on Security Investment
Conferencias FIST
CRI-Exec-Cyber-Briefings (1)
CRI-Exec-Cyber-Briefings (1)
OCTF Industry Engagement
Business oriented risk management approach luís martins
Business oriented risk management approach luís martins
Luis Martins
What's hot
(18)
Basel II Risk Compliance Solution(Tasso ): Lera technologies
Basel II Risk Compliance Solution(Tasso ): Lera technologies
Feb2008 Monthly Slides 1
Feb2008 Monthly Slides 1
Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...
Dynamic Log Analysis™ Business Value Sheet
Dynamic Log Analysis™ Business Value Sheet
Information Governance-a programmatic perspective on driving value through RI...
Information Governance-a programmatic perspective on driving value through RI...
ITFM Business Brief
ITFM Business Brief
Security Maturity Model
Security Maturity Model
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
Is3 Capabilities Brief
Is3 Capabilities Brief
iCode Security Architecture Framework
iCode Security Architecture Framework
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance Requirements
CRTC Cloud Security- Jeff Crume
CRTC Cloud Security- Jeff Crume
Information Security Maturity Model
Information Security Maturity Model
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012
Simon Foley
Simon Foley
Return on Security Investment
Return on Security Investment
CRI-Exec-Cyber-Briefings (1)
CRI-Exec-Cyber-Briefings (1)
Business oriented risk management approach luís martins
Business oriented risk management approach luís martins
Similar to Inv306 going social in a world of grc v.1.1
Riskpro Introduction
Riskpro Introduction
Manoj Jain
Riskpro brief introduction
Riskpro brief introduction
Rahul Bhan (CA, CIA, MBA)
BRIDGEi2i Risk Management Solutions
BRIDGEi2i Risk Management Solutions
BRIDGEi2i Analytics Solutions
Riskpro Information Risk Management
Riskpro Information Risk Management
Rahul Bhan (CA, CIA, MBA)
Riskpro information risk management
Riskpro information risk management
Rahul Bhan (CA, CIA, MBA)
Riskpro Information Risk Management
Riskpro Information Risk Management
Rahul Bhan (CA, CIA, MBA)
Riskpro Information Risk Management
Riskpro Information Risk Management
Manoj Jain
Interest rate risk modeling day sun_gard_ambit banking
Interest rate risk modeling day sun_gard_ambit banking
ACTUS Foundation for Financial Research
SYMCAnnual
SYMCAnnual
finance40
Riskpro information risk management 2013
Riskpro information risk management 2013
Rahul Bhan (CA, CIA, MBA)
Riskpro information risk management 2013
Riskpro information risk management 2013
Rahul Bhan (CA, CIA, MBA)
Riskpro Brief Introduction
Riskpro Brief Introduction
Rahul Bhan (CA, CIA, MBA)
Riskpro insurance advisory services 2013
Riskpro insurance advisory services 2013
Rahul Bhan (CA, CIA, MBA)
Cybersecurity It Audit Services Gt April2012
Cybersecurity It Audit Services Gt April2012
Danny Miller
Riskpro Insurance Advisory Services
Riskpro Insurance Advisory Services
Rahul Bhan (CA, CIA, MBA)
Agama Profile
Agama Profile
Agama Consulting
Agam Profile
Agam Profile
Agama Consulting
Riskpro Insurance Services Ver5
Riskpro Insurance Services Ver5
Rahul Bhan (CA, CIA, MBA)
Riskpro Insurance Services Ver5
Riskpro Insurance Services Ver5
Rahul Bhan (CA, CIA, MBA)
IT Risk Management - the right posture
IT Risk Management - the right posture
Parag Deodhar
Similar to Inv306 going social in a world of grc v.1.1
(20)
Riskpro Introduction
Riskpro Introduction
Riskpro brief introduction
Riskpro brief introduction
BRIDGEi2i Risk Management Solutions
BRIDGEi2i Risk Management Solutions
Riskpro Information Risk Management
Riskpro Information Risk Management
Riskpro information risk management
Riskpro information risk management
Riskpro Information Risk Management
Riskpro Information Risk Management
Riskpro Information Risk Management
Riskpro Information Risk Management
Interest rate risk modeling day sun_gard_ambit banking
Interest rate risk modeling day sun_gard_ambit banking
SYMCAnnual
SYMCAnnual
Riskpro information risk management 2013
Riskpro information risk management 2013
Riskpro information risk management 2013
Riskpro information risk management 2013
Riskpro Brief Introduction
Riskpro Brief Introduction
Riskpro insurance advisory services 2013
Riskpro insurance advisory services 2013
Cybersecurity It Audit Services Gt April2012
Cybersecurity It Audit Services Gt April2012
Riskpro Insurance Advisory Services
Riskpro Insurance Advisory Services
Agama Profile
Agama Profile
Agam Profile
Agam Profile
Riskpro Insurance Services Ver5
Riskpro Insurance Services Ver5
Riskpro Insurance Services Ver5
Riskpro Insurance Services Ver5
IT Risk Management - the right posture
IT Risk Management - the right posture
Recently uploaded
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
OnBoard
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Safe Software
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
Memoori
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Sinan KOZAK
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Scott Keck-Warren
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
null - The Open Security Community
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
comworks
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
soniya singh
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
Recently uploaded
(20)
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Inv306 going social in a world of grc v.1.1
1.
INV306 Going Social
in a world of Governance, Risk Management, and Compliance (GRC) Arthur Fontaine | Program Director | IBM Collaboration Solutions © 2012 IBM Corporation
2.
IBM’s statements regarding
its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. 2 | © 2012 IBM Corporation
3.
Agenda ■
GRC – What is it, and why is it important? ■ Collaboration in a GRC world ■ Functional perspectives to GRC 3 | © 2012 IBM Corporation
4.
Governance
Setting policies for risk in the organization Focus ● Regulations ● Contractual Duties ● Business Strategy Risk Management Limiting actions to within risk tolerance Compliance Focus Confirming adherence ● Education/certification to policies ● Security and Defense ● Information Lifecycle Focus ● Audit ● Ediscovery ● Documentation | © 2012 IBM Corporation
5.
A role-based approach
to GRC Chief Chief Chief Chief Chief Information Chief Legal Risk Financial Information Security Compliance Role Officer Officer Officer Officer Officer Officer Goal Reduce legal Quantify and Manage Risk- Reduce IT expense Reduce IT risk Ensure regulatory exposure reduce risk adjusted exposure compliance exposure forecasting and allocation Concerns ● Identifying legal risks ● Integrated view of ● Financial risk ● Guarding against ● Anticipating and ● Adherence to policy ● Reducing exposure risk across financial, management intrusions and avoiding threats and and procedures from retention of operational and other ● Regulatory malware breaches ● Managing regulatory unnecessary domains requirements ● Reducing storage ● Managing records exams, audits and information ● Anticipating and ● Financial reporting and admin costs lifecycles in IT requests ● Anticipating and avoiding unexpected (e.g. SOX) ● Ensure business systems ● Reducing cost for managing discovery loss continuity ● Driving content compliance tasks policies management | © 2012 IBM Corporation
6.
GRC Framework
| © 2012 IBM Corporation
7.
Information Lifecycle Governance
Data Credit Risk Consolidated Risk Market Risk Trusted Risk Results Datamart Information Warehouse CRO ALM & Liquidity Risk KRI Mgmt Loss Event Data Operational Risk Applications Database IT Risk GRC – IBM Reference Architecture Network Endpoint IT Security Risk Access and IM CIO GRC Analytics* GRC Execution Industry Content Business GRC Management* Continuity Operational Systems Records Mgmt Training Vendor Risk Legal case Mgmt Policy & Whistle Blower CCO Compliance Asset Mgmt Financial AML Reporting CFO Fraud Monitoring Internal Audit Seg of Duties Cntll Monitoring Operations Lifecycle Management | ation GRC GRC Mgmt Change Services Services Strategic Consulting Implement- Operational GTS,GBS SWG-Lab GBS/BAO Services © 2012 IBM Corporation
8.
Agenda ■
GRC – What is it, and why is it important? ■ Collaboration in a GRC world ■ Functional perspectives to GRC 8 | © 2012 IBM Corporation
9.
IBM Social Business
Capabilities Envision Enable Adopt Optimize Social Networking Social Content Social Analytics Owned social networks Engagement apps & svcs. Analytics Discover Engage Reach Identity systems Social network connectors Monitoring Communication channels Content services Optimization Process Management Information Management Governance and Lifecycle Integrate Social BPM Rules Information integration Info. lifecycle gov. Security Connectors ESB MDM Data warehousing Community gov. Mobile Open Standards Workload-Optimized Systems | © 2012 IBM Corporation
10.
“Dynamic Tension” Social Business
and GRC impacts Benefits of Social Impacts on Governance, Risk, and C-level roles Business Compliance impacted Instant access to professional ● Directly conflicts with regulatory “internal firewall” CFO, CRO, CCO, experts and networks requirements CISO ● Multiplies the channels, volume, and velocity that have to Multi-modal communications be monitored, logged, audited, discovered. CIO, CISO, CLO ● Complicates identity and access management ● Creates risk of releasing or procuring information Access to public data sources and CLO, CRO, CCO, improperly applications ● Adds threat exposures CIO Mobile access to enterprise 'big ● Places core enterprise IP in uncontrolled environments CIO, CISO data' Rich information about people and ● Allows better targeted threats CISO, CCO, CRO projects ● Updates can be studied to reveal patterns and clues Common customer request: “How can you help us deploy your social business solutions in a way that doesn't break the GRC regime we've constructed over the years?” 10 | © 2012 IBM Corporation
11.
Enterprises understand unique
GRC issues Issue Mitigation Representative IBM Customer statements Offerings ● Atlas Policy Federation Framework We lack an overall social business Develop an enterprise-wide social ● Atlas Global Retention Policy and policy for our enterprise business policy & governance model Schedule Management Expands the universe of things I need Expanded policy management and ●Actiance Vantage for Connections and enforce policy on (monitor, retain, enforcement tools to modify behaviors, Sametime ● IBM Content Collector, IBM eDiscovery discover, and dispose) raise risk awareness Manager ● Atlas Governance for IT Raises challenges of managing within Identity/access management tools need ●Atlas Governance for IT regulated industries to be extended to social applications ●Tivoli Identity Manager ● Tivoli Content Manager ● Qradar SIEM/Risk Manager Raises risk and velocity of content Content inspection solutions must ● Lotus Protector leaks prevent leaks, flag inappropriate ● InfoSphere Guardium db Security behaviors ● Infosphere Optim Data Masking Breaks existing security / compliance Tools must reuse and extend existing ● Atlas Policy Federation Framework regimes such as internal firewalls security/compliance regimes for social ● IBM Information Lifecycle Governance content ● Lotus Protector ICAPI Creates new vectors of attack and raises risk of social engineering Security systems must identify, and exploits protect against, social business attacks ● Tivoli Network Intrusion Prevention ● Tivoli Endpoint Manager and exploits | © 2012 IBM Corporation
12.
IBM Information Lifecycle
Governance (ILG) The ILG solution portfolio enables customers to: effectively retain and archive information efficiently meet eDiscovery obligations defensibly dispose of information to lower both cost and risk. | © 2012 IBM Corporation 12
13.
Information Lifecycle –
it is a process... Of all the information and content generated in any organization only the right information has to be retained. But which is the right one? Risk: Cost of storage Create Collect Analyze Archive Discover Dispose Risk: Cost of lost evidence Inability to comply with regulatory requirements | © 2012 IBM Corporation
14.
Agenda ■
GRC – What is it, and why is it important? ■ Collaboration in a GRC world ■ Functional perspectives to GRC 14 | © 2012 IBM Corporation
15.
Use Case: Chief
Legal Officer Chief Legal Officer GOAL: REDUCE LEGAL EXPOSURE KEY OBJECTIVES ● Identifying legal risks ● Reducing exposure from retention of unnecessary information ● Anticipating and managing legal discovery tasks Impacts of Social Business ● Increased opportunities for legal risks, due to new communication modes and unlimited ad hoc interactions ● New data sources and types that constitute business records (must be discoverable per FRCP) ● Greater complexity of business records, including data hosted on external applications/platforms Strategies / Tools / Services from IBM ● Actiance Vantage for Connections and Sametime – Brings Connections/Sametime content into enterprise data corpus ● IBM Content Collector, IBM eDiscovery Manager – Enables cross-enterprise legal discovery of data and content ●Atlas Global Retention Policy and Schedule Management – Manages enterprise policies for retention and deletion, to reduce expense and exposure in legal cases ●Atlas Retention for Employees – Brings business knowledge into the retention process, to inform system of data that contains (or does not contain) business value or duty ● Atlas eDiscovery Process Management – Helps automate the workflows in legal discovery activities | © 2012 IBM Corporation
16.
Use Case: Chief
Risk Officer Chief Risk Officer GOAL: QUANTIFY AND REDUCE RISK EXPOSURE KEY OBJECTIVES ● Integrated view of risk across financial, operational and other domains ● Anticipating and avoiding unexpected loss Impacts of Social Business ● Increased opportunities for financial or IP disclosure ● New entry vectors for attacks, including social engineering exploits ● Frictionless collaboration with attendant information velocity Strategies / Tools / Services from IBM ● GBS Social Business GRC offering – Identify risks and apply mitigation strategies ●Atlas Policy Federation Framework and Connectors – Brings business knowledge into the retention process, to inform system of data that contains (or does not contain) business value or duty ● IBM Content Collector, IBM eDiscovery Manager – Enables cross-enterprise legal discovery of data and content ● IBM Content Analytics and Classification – Provides enhanced view of information and content, for improved risk awareness | © 2012 IBM Corporation
17.
Use Case: Chief
Financial Officer Chief Financial Officer GOAL: RISK-ADJUSTED FORECASTING AND ALLOCATION KEY OBJECTIVES ● Financial risk management ● Regulatory requirements ● Financial reporting (e.g. SOX) Impacts of Social Business ● Increased opportunities for financial disclosure (e.g., “ Quarter looks great!”) ● Rapid and unconstrained data growth may impact IT budget Strategies / Tools / Services from IBM ● GBS Social Business GRC offering – Design policies based on role or identity, content, and mode ● Actiance Vantage for Connections and Sametime – Brings Connections/Sametime content into enterprise data corpus for ● IBM Content Analytics, IBM Classification Module – Enables analysis ● Atlas Global Retention Policy and Schedule Management – Manages enterprise policies for retention and deletion, to reduce IT expense | © 2012 IBM Corporation
18.
Use Case: Chief
Information / Security Officer Chief Information / Security Officer GOAL: REDUCING IT EXPENSE AND RISK EXPOSURE KEY OBJECTIVES ● Ensuring regulatory compliance in IT systems ● Reducing storage and admin costs ● Business continuity risk ● Vendor risk Impacts of Social Business ● Increased opportunities for noncompliance in IT systems, with greater complexity of user/role access management ● Data growth that's difficult to apply lifecycle controls against, due to ad hoc/unstructured nature of data ● New vectors for attack, including social engineering and public social platform vulnerabilities Strategies / Tools / Services from IBM ● Actiance Vantage for Connections and Sametime – Brings Connections content into enterprise data corpus ●Atlas Global Retention Policy and Schedule Management – Manages enterprise policies for retention and deletion, to minimize IT expense ● Atlas Retention for Employees – Brings business knowledge into the retention process, to inform system of data that contains (or does not contain) business value or duty ● IBM Security Services components/controls (Tivoli, Q1) – Protects against intrusions and threats originating from social vectors | © 2012 IBM Corporation
19.
Use Case: Chief
Compliance Officer Chief Compliance Officer GOAL: ENSURING REGULATORY COMPLIANCE KEY OBJECTIVES ● Adherence to policy and procedures ● Managing regulatory exams, audits and requests ● Reducing cost for policy and control management Impacts of Social Business ● Increased opportunities for noncompliance, with new modalities and unlimited ad hoc interactions ● New data sources and types that constitute business records, applicable to regulatory activities ● Greater complexity of business records, including data hosted on external applications Strategies / Tools / Services from IBM ● Actiance Vantage for Connections and Sametime – Brings Connections content into enterprise data corpus ●Atlas Global Retention Policy and Schedule Management – Manages enterprise policies for retention and deletion, to minimize expense and exposure in compliance actions ● IBM Content Collector, IBM eDiscovery Manager – Enables cross-enterprise discovery of data and content for compliance actions ● Atlas eDiscovery Process Management – Helps automate the workflows in discovery activities for compliance actions ●Atlas Retention for Employees – Brings business knowledge into the retention process, to inform system of data that contains (or does not contain) business value or duty | © 2012 IBM Corporation
20.
Summary ■
GRC is a cross-functional imperative that addresses risks through policy, active management, and audit ■ Social Business offers unique challenges to GRC, but ultimately must be addressed within the larger GRC framework ■ Roles-based GRC analysis is needed to design comprehensive, lasting GRC programs | © 2012 IBM Corporation
21.
Arthur Fontaine
afontaine@us.ibm.com Thank you! 720-395-5676 Please remember to fill out your evaluations | © 2012 IBM Corporation
22.
Legal disclaimer © IBM
Corporation 2012. All Rights Reserved. The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM’s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results. IBM, the IBM logo, Lotus, Lotus Notes, Notes, Domino, Quickr, Sametime, WebSphere, UC2, PartnerWorld and Lotusphere are trademarks of International Business Machines Corporation in the United States, other countries, or both. Unyte is a trademark of WebDialogs, Inc., in the United States, other countries, or both. 22 | © 2012 IBM Corporation
Download now