CPE Credits: 7
Description:
Corporate governance issues have extended beyond national borders to reach truly a global perspective. Establishing a proactive governance strategy focused on compliance, requires knowledge of how to maximize the role of organizational information technology (IT), to successfully ensure and to achieve global compliance. Taking the leg work out of proving compliance, and managing the technology burdens of SOX, HIPAA, GLB, Basel II and other emerging governance and compliance regulations, standards, guidelines and frameworks, this presentation identifies the key issues and presents best practices aimed at taking full advantage of IT resources in establishing strong internal controls and forging solid compliance strategies. Corporate governance issues have extended beyond national borders to reach truly a global perspective. Establishing a proactive governance strategy focused on compliance, requires knowledge of how to maximize the role of organizational information technology (IT), to successfully ensure and to achieve global compliance. Taking the leg work out of proving compliance, and managing the technology burdens of SOX, HIPAA, GLB, Basel II and other emerging governance and compliance regulations, standards, guidelines and frameworks, this presentation identifies the key issues and presents best practices aimed at taking full advantage of IT resources in establishing strong internal controls and forging solid compliance strategies.
Audience:
This presentation is intended for Chief Technology Officers, General Counsels, Chief Information Officers, Chief Security Officers, Controllers, internal and external audit professionals, Human Relations professionals - -persons charged with establishing or reviewing the implications of establishing strategies that embrace and coordinate the role of organizational IT in substantiating organizational compliance to today’s (and tomorrow’s) governance regulations, and professionals who generally want to learn more about controlling their organization’s compliance efforts through the proactive uses of IT. This presentation is intended for Chief Technology Officers, General Counsels, Chief Information Officers, Chief Security Officers, Controllers, internal and external audit professionals, Human Relations professionals - -persons charged with establishing or reviewing the implications of establishing strategies that embrace and coordinate the role of organizational IT in substantiating organizational compliance to today’s (and tomorrow’s) governance regulations, and professionals who generally want to learn more about controlling their organization’s compliance efforts through the proactive uses of IT.
Prerequisites: There is no prerequisite for this presentation.
Objectives:
After completing this presentation, attendees will be able to:
· Gain a better perspective of the challenges to achieving organizational governance and compliance – internationally.
· Obtain a better understanding of the shifting governance roles and responsibilities of the organization’s IT function.
· Acquire a better understanding how IT systems assist management with compliance issues.
· Have a greater awareness of the varied laws, regulations, guidelines, frameworks and standards which address governance, and the role of IT in successfully implementing corporate governance.
· Be able to address and develop an enterprise-wide plan for the successful implementation of a governance strategy that involves the corporate IT function.
· Obtain a set of best practices for successfully implementing an IT-based governance and compliance program.
Course Outline:
Introduction
· Governance, Risk, Compliance
· IT Connection to Profit
Requirements for IT Compliance
· Corporate Governance
· Compliance to Standards
IT Governance
· COBIT + IT Governance
· ISO 27001, 27002, 27003, 27004, 27005
· ISO 38500
IT Bottom-Line Impact
· What is GRC?
· IT GRC – Audit Assessment Questions
· Effectively Governing IT Activities
· Compliance Challenges
How Can IT Systems Assist Management With Compliance Issues?
· IT’s Contribution to Compliance
· Identity Management
· Utility Computing
IT Solutions for GRC…System Forensics
· Using a Network Analyzer as a Compliance Tool
· Retrospective Network Analysis
· Network Security Forensics
· IT Tools -- Achieving Compliance Through Technology Solutions
· Monitoring Network Activity - Network Instruments
· Vulnerability Management - PatchLink Security Management
· Enterprise Rights Management – Liquid Machines
· Anti-spam, Anti-virus & Anti-spyware Appliances – IronPort
· Security Information and Event Management – TriGeo
· Network Intrusion Prevention – TippingPoint
· Email Archiving – ArcMail Technology
Summary
· GRC Smart Practices
· Putting GRC Into Action