Lessons from McKesson s Approach to Maintaining a Mature, Cost-Effective Sarbanes-Oxley Program
|
|
- Stephen Stone
- 8 years ago
- Views:
Transcription
1 Orange County Convention Center Orlando, Florida May 15-18, 2011 Lessons from McKesson s Approach to Maintaining a Mature, Cost-Effective Sarbanes-Oxley Program Vickie Pilotti Kelly Worley Ben Wienand ]
2 Overview SAP Security Introductions McKesson Overview Share our SOX Compliance Program journey through people, technology and processes Key Learning Q&A 2
3 Learning Points Journey through McKesson s SOX compliance program evolution Walk through a step-by-step approach to building out a longterm roadmap Identify how to create a holistic view of a SOX controls environment Walk away with short- and long-term ideas for opportunities to improve and streamline compliance processes Understand what McKesson is doing to further enhance its SOX program 3
4 McKesson Overview Largest healthcare services company in the world Fortune 14 -$108 Billion in revenue (FY10) More than 43,000 employees dedicated to healthcare Oldest U.S. healthcare company Established in years driving innovation in healthcare Only company offering solutions at every point of care Deep clinical, IT, and process expertise SAP processes are ISO 27001: 2005 certified 4
5 McKesson Overview We deliver 1/3 of all medicines used each day in North America 90% of retail pharmacies use our claims processing network 50% of hospitals use our software, automation, and services 20% of physicians use our software, supplies, and services 90% of public and private payors use our software, programs, and services 5
6 McKesson s Journey Organization/People Technology Process 6
7 SAP Security 7
8 SAP Security: The People The SAP Security Team is comprised of just four core team members and one manager:
9 Early SOX Compliance Program: Technology Phase 2: Compliant User Provisioning Phase 1: Risk and Remediation Phase 3: Super User Privilege Management Introduction McKesson selected SAP GRC tool in 2005 Selected 3 out of 4 modules We created a three phase plan of implementation 9
10 Early SOX Compliance Program: Technology Phase 2: Compliant User Provisioning Phase 1: Risk and Remediation Phase 3: Super User Privilege Management Phase 1 Allows one central repository for Segregation of Duties rules (SOD) Ties mitigating controls to Risks Provides details of risk for remediation 10
11 Early SOX Compliance Program: Phase 1 Benefit to McKesson Risk and Remediation Categorization of rules Ability to create custom rules Prioritized reporting of SOD s Identification of self conflictive role McKesson does not guarantee you will receive the same result 11
12 Early SOX Compliance Program: Technology Phase 2: Compliant User Provisioning Phase 1: Risk and Remediation Phase 3: Super User Privilege Management Phase 2 Automated user provisioning Works in conjunction with Risk & Remediation Minimizes risks 12
13 Early SOX Compliance Program: Phase 2 Benefit to McKesson Compliant User Provisioning Reduction of provisioning cycle time Enforced risk mitigation prior to provisioning Moved to Self Service Detailed audit logs McKesson does not guarantee you will receive the same result 13
14 Early SOX Compliance Program: Technology Phase 2: Compliant User Provisioning Phase 1: Risk and Remediation Phase 3: Super User Privilege Management Phase 3 Restricted access to sensitive transactions Ability to monitor sensitive access Reports changes made to system 14
15 Early SOX Compliance Program: Phase 3 Benefit to McKesson Audit simplification Super User Privilege Management Notification to owners process intervention Greater accountability change McKesson does not guarantee you will receive the same result 15
16 Enhancing the Program How to go from tool implementation to a comprehensive and fully integrated Compliance Program 16
17 You Need a Road with a Solid Vision 17
18 Envision Where You Want To Be Figure out your pain points Determine where you want to go Plot a course to get there Use high-level objectives Begin at 30,000 ft 18
19 Business Value/Decreased Cost of Ownership [ Create a High-Level Plan Phase 5: Evaluate results, and continue to build upon the improved model Q4 FY12 Phase 1: Build foundation Document all current processes and control mechanisms Q4 FY10 Phase 2: Identify process and control improvements. Set baseline metrics. GRAPHIC Roadmap, route 66 Q1 FY11 Phase 3: Gain alignment with stakeholders Q1/Q2 FY11 Phase 4: Begin implementing improvements based on priority and benefit vs. cost and return Q2 FY11 Sustainable Compliance 19
20 Where was McKesson going? Auditing and Self-Assessments Change Leadership Research Control Efficiency Collaboration Training/Education for: Role Owners and Managers Risk Owners Stakeholders and Sponsors Tools GRC Expansion Archer Custom Web applications Conferences Forums External discussions Process Lean efficiency and automation Accountability Easily auditable Collaboration Control Efficiency Governance Process & Design Consistency Executive Level Business Sponsorship 20
21 Refine the plan into a tactical roadmap Q4 FY10 Q1 FY11 Q2 FY11 Q3 FY11 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Process Process and Control Definition ZTEMP Process Monthly SoD Process Implementation of new processes, i.e., FF Reauthentication, SoD Rule Set Review, etc. User ID Standardization Fire Fighter Improvements for Program and Table Access Research GRC and Other Compliance Tools CUA, Password Self-Service, YROLE, Portal, IDM, SSO, Cross-system SoD s Ongoing External Research Tools Tool Scoping and Implementation? Education/ Change Leadership Definition and Scoping Implementation and continuous improvement 21 21
22 Align with Partners and Key Stakeholders Build solid partnerships with Internal Risk Agencies and Stakeholders Align cross agency objectives Understand what it is you re both trying to achieve 22
23 Building the Program Step by Step Control numbers tie back directly to the SOX workbooks Missing processes can either be left blank or noted otherwise (i.e., in another color)
24 Step by Step (cont.) A RACI chart was then crafted to identify the various process components, and who was responsible and accountable for each 24
25 Step by Step (cont.) Each process was then documented in a flowchart 25
26 Step by Step (cont.) End Result A solid foundational structure 26
27 New End State End Result All controls are active, in place, and green! 27
28 Additional Program Details The core controls within our program revolve around the validation of access and master data elements Philosophy is that all relevant data maintained within GRC should be validated at least once per year: User Access Risk Owners Role Owners Rule Set Etc. We refer to this as our Re-authentication Cycle, and it makes up 26% of our controls Helps to ensure data and access integrity, as well as validate the incoming process is working as intended 28
29 We had our house, but something was missing Auditing and Self-Assessments Change Leadership Research Control Efficiency Collaboration Training/Education for: Role Owners and Managers Risk Owners Stakeholders and Sponsors Tools GRC Expansion Archer Custom Web applications Conferences Forums External discussions Process Lean efficiency and automation Accountability Easily auditable Collaboration Control Efficiency Governance Process & Design Consistency Executive Level Business Sponsorship 29
30 Program Model Overhaul We redesigned our program model to accurately reflect our goals and long-term vision 30
31 Inclusion of Key Metrics We also recognized the need for key metrics to measure our success, and designed a SOX reporting dashboard Other metrics tracked separately include costs of the program and cost trend graphs 31
32 Updated Roadmap This revised thought process led to an update of the roadmap to again reflect the continuous improvement concept 32
33 Ideal End State The ultimate goal and end state is to: Eliminate the need for self-audits through the use of tools and technology Example: Implementation of Process Controls Achieve full automation of our SOX Compliance Program Not so we can kick our feet up, but so we can remain strategic, rather than tactical 33
34 Key Learning Leverage the strength of your people, technology and processes Build solid partnerships with Internal Risk Agencies and Stakeholders Build a compliance document to obtain a holistic view of your controls, being sure to tie back to applicable processes Construct a roadmap or strategic document Design an evaluation process to improve service efficiencies and automation Get ISO 27001:2005 certified! This adds additional process support and rigor to your program as well as external validation of your efforts that the customers can see. 34
35 Questions? Questions? 35
36 Contact Information Vickie Pilotti Sr. Manager SAP User Services Phone: Kelly Worley SAP Security Manager Phone: Ben Wienand SAP Compliance Manager Phone:
37 Thank you for participating. ] Please remember to complete and return your evaluation form following this session. For ongoing education in this area of focus, visit SESSION CODE: 1008
AT&T Global Network Client for Windows Product Support Matrix January 29, 2015
AT&T Global Network Client for Windows Product Support Matrix January 29, 2015 Product Support Matrix Following is the Product Support Matrix for the AT&T Global Network Client. See the AT&T Global Network
More informationSAP NetWeaver Identity Management Experiences from an Implementation at Colgate-Palmolive Company
[ [ SAP NetWeaver Identity Management Experiences from an Implementation at Colgate-Palmolive Company Sarah Henriquez Senior Manager IT Risk Management, Colgate-Palmolive Kristian Lehment Product Manager
More informationCOMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*
COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun
More informationCOMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*
COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun
More informationEnhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017
From -JAN- To -JUN- -JAN- VIRP Page Period Period Period -JAN- 8 -JAN- 8 9 -JAN- 8 8 -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- -JAN- 8-JAN- 9-JAN- -JAN- -JAN- -FEB- : days
More informationAnalysis One Code Desc. Transaction Amount. Fiscal Period
Analysis One Code Desc Transaction Amount Fiscal Period 57.63 Oct-12 12.13 Oct-12-38.90 Oct-12-773.00 Oct-12-800.00 Oct-12-187.00 Oct-12-82.00 Oct-12-82.00 Oct-12-110.00 Oct-12-1115.25 Oct-12-71.00 Oct-12-41.00
More informationCase 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8
Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138 Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 2 of 138 Domain Name: CELLULARVERISON.COM Updated Date: 12-dec-2007
More informationHow To Implement Itil V3
2009 NMCI Conference: Implementing ITIL Session 1: ITSM Process ITSM COE Agenda Background ITSM Overview ITIL and Service Delivery Adopting ITIL to NGEN SE&I Activities 2 Background Develop Government
More informationColorado s Accountable Care Collaborative
Colorado s Accountable Care Collaborative Suzanne Brennan, Medicaid Director May 19, 2013 Who We Serve 2 Alignment with Triple Aim 3 HCPF Goals 1. Transforming our systems from a medical model to a health
More information4/1/2009. Short-termterm
Hi, my name is Susan ITIL in the Workplace The Practical Application of a Best Practice Framework Susan Ryan April 3, 2009 IT industry worker for over 25 years ITIL v2 Manager Certified itsmf Minnesota
More informationLeveraging Technology For ICD-10 Program Management Using MS SharePoint 2010. Poster Presentation by Maithili Vadula
Leveraging Technology For ICD-10 Program Management Using MS SharePoint 2010 Poster Presentation by Maithili Vadula ICD-10 Project using SharePoint: Project Background: New structure for coding diagnosis
More informationMinimize Access Risk and Prevent Fraud With SAP Access Control
SAP Solution in Detail SAP Solutions for Governance, Risk, and Compliance SAP Access Control Minimize Access Risk and Prevent Fraud With SAP Access Control Table of Contents 3 Quick Facts 4 The Access
More informationManaging Open Source Code Best Practices
Managing Open Source Code Best Practices September 24, 2008 Agenda Welcome and Introduction Eran Strod Open Source Best Practices Hal Hearst Questions & Answers Next Steps About Black Duck Software Accelerate
More informationRoles: Scrum Master & Project Manager
Roles: Scrum Master & Project Manager Scrum Master: Facilitate collaborative meetings Track team performance Remove impediments (Risk, Issue) Validate team alignment to Agile framework and scope Drive
More informationAshley Institute of Training Schedule of VET Tuition Fees 2015
Ashley Institute of Training Schedule of VET Fees Year of Study Group ID:DECE15G1 Total Course Fees $ 12,000 29-Aug- 17-Oct- 50 14-Sep- 0.167 blended various $2,000 CHC02 Best practice 24-Oct- 12-Dec-
More informationDefining a Governance Model for Portals
Defining a Governance Model for Portals Tushar Sachdev The need for governance While implementing portals, the focus is often only on technology. The implicit assumption being that the portal is yet another
More informationIdentity & Access Management new complex so don t start?
IT Advisory Identity & Access Management new complex so don t start? Ing. John A.M. Hermans RE Associate Partner March 2009 ADVISORY Agenda 1 KPMG s view on IAM 2 KPMG s IAM Survey 2008 3 Best approach
More informationWEATHERHEAD EXECUTIVE EDUCATION COURSE CATALOG
2016 WEATHERHEAD EXECUTIVE EDUCATION COURSE CATALOG APPRECIATIVE INQUIRY COMMUNICATION AND PROFESSIONAL SKILLS EMOTIONAL INTELLIGENCE FINANCIAL DECISION MAKING DESIGNING INNOVATION AND STRATEGY MANAGING
More informationCertified Identity and Access Manager (CIAM) Overview & Curriculum
Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management
More informationHow to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions
How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions Introduction This paper provides an overview of the integrated solution and a summary of implementation options
More informationEDI Services helps healthcare network streamline workflow, increase productivity, and improve revenue cycle management.
GE Healthcare Results summary 2008 2010 Reduced eligibility rejection rate from 2% to 0.8% Reduced overall rejection rate from 6.4% to 4% Reduced cost to collect from 8.3% to 6.3% Increased the number
More informationConsumer ID Theft Total Costs
Billions Consumer and Business Identity Theft Statistics Business identity (ID) theft is a growing crime and is a growing concern for state filing offices. Similar to consumer ID theft, after initially
More informationBased on Chapter 11, Excel 2007 Dashboards & Reports (Alexander) and Create Dynamic Charts in Microsoft Office Excel 2007 and Beyond (Scheck)
Reporting Results: Part 2 Based on Chapter 11, Excel 2007 Dashboards & Reports (Alexander) and Create Dynamic Charts in Microsoft Office Excel 2007 and Beyond (Scheck) Bullet Graph (pp. 200 205, Alexander,
More informationSupervisor Instructions for Approving Web Time Entry
Supervisor Instructions for Approving Web Time Entry Time Approval Deadlines by Category Local 2110 Members members submit time by NOON on Monday of the pay week. Time should be approved no later than
More informationPennsylvania Home And Community Based Services (HCBS) Waiver Settings Transition Plan
Section 1: Identification - Pennsylvania will use its statewide transition plan as a way to determine its compliance with CMS s rule on HCBS. Pennsylvania will determine the current level of what state
More informationProposal to Reduce Opening Hours at the Revenues & Benefits Coventry Call Centre
Proposal to Reduce Opening Hours at the Revenues & Benefits Coventry Call Centre Proposal To change the opening hours of the Revenues & Benefits Call Centre to 9am until 5pm Monday to Friday with effect
More informationwww.pwc.com Advisory Services Oracle Alliance Case Study
www.pwc.com Advisory Services Oracle Alliance Case Study A global software company turns a Sarbanes-Oxley challenge into an opportunity for cost reduction and performance improvement Client s challenge
More informationRapidly Defining a Lean CMMI Maturity Level 3 Process
Rapidly Defining a Lean CMMI Maturity Level 3 Process Zia Tufail, zia@hp.com, 301.233.4228 Julie Kellum, Julie.Kellum@hp.com, 404.731. 52.63 Tim Olson-QIC, Tim.Olson@qic-inc.com, 760.804.1405 2004 Hewlett-Packard
More informationIDENTITY MANAGEMENT AND WEB SECURITY. A Customer s Pragmatic Approach
IDENTITY MANAGEMENT AND WEB SECURITY A Customer s Pragmatic Approach AGENDA What is Identity Management (IDM) or Identity and Access Management (IAM)? Benefits of IDM IDM Best Practices Challenges to Implement
More informationGRC Program Best Practices & Lessons Learned
GRC Program Best Practices & Lessons Learned Steps to Establishing and Maturing a GRC program Carl Sawicki, American Express Kathleen Randall, RSA Archer 1 Abstract In today s world, few organization s
More informationAccenture Cyber Security Transformation. October 2015
Accenture Cyber Security Transformation October 2015 Today s Presenter Antti Ropponen, Nordic Cyber Defense Domain Lead Accenture Nordics Antti is a leading consultant in Accenture's security consulting
More informationRBC Insurance Fetes Online Auto/Home Insurance Growth
Case Studies, K. Harris Research Note 29 October 2002 RBC Insurance Fetes Online Auto/Home Insurance Growth RBC Insurance's e-business successes are generating greater than $3 million in premiums per month.
More informationSEO Presentation. Asenyo Inc.
SEO Presentation What is Search Engine Optimization? Search Engine Optimization (SEO) : PPC and Organic Results Pay Per Click Ads The means of achieving top search engine results without having to incur
More informationRelease of the Draft Cybersecurity Procurement Language for Energy Delivery Systems
Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas
More informationOrange County Convention Center Orlando, Florida June 3-5, 2014
Orange County Convention Center Orlando, Florida June 3-5, 2014 It Ain t Easy Being Green: The Andersons Story Of Staying On Track While Implementing A Multiple- Domain Governance Program In Parallel With
More informationProcess Validation Workshops. Overview Session
Process Validation Workshops Overview Session 2 Session Objectives: Prepare staff for participating in a Process Validation Workshop Clarify the Purpose of Process Validation Workshops Clarify Expected
More informationAnalytic-Driven Quality Keys Success in Risk-Based Contracts. Ross Gustafson, Vice President Allina Performance Resources, Health Catalyst
Analytic-Driven Quality Keys Success in Risk-Based Contracts March 2 nd, 2016 Ross Gustafson, Vice President Allina Performance Resources, Health Catalyst Brian Rice, Vice President Network/ACO Integration,
More informationContinuous Controls Monitoring. Virginia ISACA January Meeting 19 January 2010
Continuous Controls Monitoring Virginia ISACA January Meeting 19 January 2010 Today s Agenda What We Are Hearing About Risk Internal Controls Continuous Control Monitoring What is CCM? Framework EY Point
More informationS24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma
S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma Governance, Risk, Compliance (GRC) Automation Siamak Razmazma Siamak.razmazma@protiviti.com September 2009 Agenda Introduction to
More informationBusiness Continuity in Healthcare
Business Continuity in Healthcare Cynthia Simeone, CBCP, PMP Director Business Resilience Catholic Health Initiatives Scott Ream President Virtual Corporation 1 Session Speakers Cynthia Simeone, CBCP,
More informationImplementing Carbon Reduction Without Impacting Working Capital. Presented by Dylan Crompton
Implementing Carbon Reduction Without Impacting Working Capital Presented by Dylan Crompton Evolution of a Carbon Strategy Proactive organisations are on a journey to reduce carbon emissions. Marginal
More informationApplication Control Effectiveness for SAP. December 2007
Application Control Effectiveness for SAP December 2007 Meeting Objectives Application Control Effectiveness Compliance at a glance Trends and challenges Technology issues Application Control Business
More informationVermont Enterprise Architecture Framework (VEAF) Identity & Access Management (IAM) Abridged Strategy Level 0
Vermont Enterprise Architecture Framework (VEAF) Identity & Access Management (IAM) Abridged Strategy Level 0 EA APPROVALS EA Approving Authority: Revision
More informationImplementing ITIL with Kaseya Tools
Kaseya White Paper Implementing ITIL with Kaseya Tools A white paper by Robert Perrine, ITIL-Service Manager www.kaseya.com Executive Overview Kaseya Service Desk provides the logic and tools necessary
More informationPowerSteering Product Roadmap Your Success Is Our Bottom Line
Drive strategy. Accelerate results. cloud-based program & portfolio management software PowerSteering Product Roadmap Your Success Is Our Bottom Line Jay Hoskins Director of Product Management PowerSteering
More informationA BEST Case: Forecast Improvement Project. A Tale of Two BUs
A BEST Case: Forecast Improvement Project A Tale of Two BUs Green Belt Project Scope: EUR Region Two Business Units with distinct supply chains Goal: Accuracy improvement by Q3 2013 Workshop in Nov 2013
More informationDrill Down Deep Into Your Spend
Drill Down Deep Into Your Spend Verian s Spend Intelligence module features exclusive multi-layer data extraction that gives you a deeper level of visibility on a wide variety of reports, spend metrics
More informationCQC Compliance Monitoring Framework
At Care Group Level CQC Compliance Monitoring Framework 1. Utilising cascade training, Clinical Managers to ensure the staff within their Care Group are aware of the regulations, how to ensure compliance,
More informationEnterprise Risk Management VCU Process
VCU Process What is Enterprise Risk Management? An organization-wide systematic approach to identify and tactically manage risk. A best practice to prioritize risk and implement processes to monitor risk.
More informationwww.pwc.com SAP Training Are your people adequately trained to maximize your
www.pwc.com SAP Training Are your people adequately trained to maximize your return from SAP? Understand the challenges your organization has with SAP Background Organizations are investing significant
More information2011 Innovations Awards Application DEADLINE: MARCH 28, 2011
2011 Innovations Awards Application DEADLINE: MARCH 28, 2011 ID # (assigned by CSG): 2011- Please provide the following information, adding space as necessary: State: Pennsylvania Assign Program Category
More informationCENTERPOINT ENERGY TEXARKANA SERVICE AREA GAS SUPPLY RATE (GSR) JULY 2015. Small Commercial Service (SCS-1) GSR
JULY 2015 Area (RS-1) GSR GSR (LCS-1) Texarkana Incorporated July-15 $0.50690/Ccf $0.45450/Ccf $0.00000/Ccf $2.85090/MMBtu $17.52070/MMBtu Texarkana Unincorporated July-15 $0.56370/Ccf $0.26110/Ccf $1.66900/Ccf
More informationDiscussion Outline. A. KPIs Defined. B. Why KPIs Matter. C. KPI Menu. D. Implementation. E. Example KPIs. F. Pitfalls
Discussion Outline A. KPIs Defined B. Why KPIs Matter C. KPI Menu D. Implementation E. Example KPIs F. Pitfalls 1 Key Performance Indicators (KPI s) Defined Periodic assessment of an organization, business
More informationUse Data Strategy and Customer Analytics to Drive Business Decisions. Alison Shaffer August 26, 2010
Use Data Strategy and Customer Analytics to Drive Business Decisions Alison Shaffer August 26, 2010 Agenda Intro to WebEx Importance of data strategy and framework Increasing data usability Applying the
More informationSupporting a Continuous Process Improvement Model With A Cost-Effective Data Warehouse
Supporting a Continuous Process Improvement Model With A Cost-Effective Data Warehouse Dave Hynson, Vice President and CIO Juan Negrin, Manager of BI and Data Governance OVERVIEW I. ALIGNMENT TO BUSINESS
More informationAutomating Sarbanes-Oxley Compliance Testing for SAP Applications. A Guide to Cost and Time Efficiencies for Annual SOX Compliance Initiatives
Background The Sarbanes-Oxley Act of 2002 changed the way publicly held companies manage and, more importantly, control their business. For most companies, the most costly aspect of the legislation is
More informationEMC HYBRID CLOUD FOR SAP
White Paper EMC HYBRID CLOUD FOR SAP Centralize compliance information into a single repository Automate application control verification Integrate RSA Archer with SAP EMC Solutions Abstract This White
More informationEmployee performance management in a global setting. Brenda Wilson
Employee performance management in a global setting Brenda Wilson Performance management overview What is performance management? Performance management is a CORE business process driven by business strategy,
More informationRSA enables rapid transformation of Identity and Access Governance processes
RSA enables rapid transformation of Identity and Access Governance processes Sean Peasley, Principal Laxman Tathireddy, Senior Manager Deloitte & Touche LLP Cyber Risk Services Identity and Access Governance
More informationSUMMARY PROFESSIONAL EXPERIENCE. IBM Canada, Senior Business Transformation Consultant
Doreen Funk, MA 191 Discovery Ridge Blvd SW, Calgary Cell: 587-434- 0811 E- mail: dorfunk@hotmail.com SUMMARY Senior management consultant with 20 years of experience in applying strategies and implementing
More informationEnterprise Resource Planning (ERP) Program: Overview and Status Update
Enterprise Resource Planning (ERP) Program: Overview and Status Update Human Resources (HR), Finance & Property Services (FPS), and Information Technology (IT) Departments For the Council Committee of
More informationPROTECT YOUR WORLD. Identity Management Solutions and Services
PROTECT YOUR WORLD Identity Management Solutions and Services Discussion Points Security and Compliance Challenges Identity Management Architecture CSC Identity Management Offerings Lessons Learned and
More informationPerformance Dashboards in Local Government: What, Why, and How?
Performance Dashboards in Local Government: What, Why, and How? City of Portland TriMet TSCC Quarterly Meeting August 18, 2015 Dashboards: An Overview What s Driving the Interest in Performance Dashboards?
More informationHow SAP Business Objects Dashboards Are Improving Decision Making at Caterpillar Parts Distribution
How SAP Business Objects Dashboards Are Improving Decision Making at Caterpillar Parts Distribution Greg Lauer & John Buckhold Caterpillar Inc. SESSION CODE: 0705 DASHBOARDS Dashboards at Cat Parts Distribution
More informationUnifying Compensation:
Unifying Compensation: The Lehigh Valley Physicians Group Experience American Medical Group Association Orlando, FL March 15, 2013 Edward Norris, M.D. Chair, Compensation Committee Michael A. Rossi, M.D.,
More informationThe Five W's of SOC Operations. Kevin Young, @IT3700
The Five W's of SOC Operations Kevin Young, @IT3700 Thank you Todd Thanks to Randall Munroe https://xkcd.com/838/ Overview Introduction Five W s of SOC Operations When do I need a SOC? Readiness What exactly
More informationCustomers and Corporate Services Directorate (Corporate Support) Plan 2015-16
Appendix 2 Action Plan Due Date Status Customers and Corporate Services Directorate (Corporate Support) Plan 2015-16 CS1027 ICT Improvement Programme 31 January 2016 Objectives: CORPORATE SERVICES: ICT
More informationKey Components of Enterprise Risk Management (ERM) Framework
Key Components of Enterprise Risk Management (ERM) Framework Talha Karim May 7, 2014 2:00 pm 3:00 pm Objectives Introduction ERM Components ERM Implementation ERM Challenges 2 Introduction An ERM Framework
More informationOffice of the Secretary of State
General Office Overview Assembly Government Affairs, February 25, 2011 Office of the Secretary of State Commercial Recordings Securities Notary Division Elections State Business License Domestic Partnership/Athletes
More informationThe Impact of Medicare Part D on the Percent Gross Margin Earned by Texas Independent Pharmacies for Dual Eligible Beneficiary Claims
The Impact of Medicare Part D on the Percent Gross Margin Earned by Texas Independent Pharmacies for Dual Eligible Beneficiary Claims Angela Winegar, M.S., Marvin Shepherd, Ph.D., Ken Lawson, Ph.D., and
More informationCompliance by Design (CbD)
Compliance by Design (CbD) Building an Effective & Sustainable Compliance Program Dale Skivington Executive Director, Global Compliance and Privacy Dell today Technology has always been about enabling
More informationEnterprise Projects Fiscal Year 2009/2010 Third Quarter Report
Enterprise Projects Fiscal Year 2009/2010 Third Quarter Report Enterprise Projects Fiscal Year 2009/2010 - Third Quarter Report The Enterprise Program Investment Council (EPIC) is responsible for governance
More informationCalifornia Department of Mental Health Information Technology Attention: MHSA-IT 1600 9 th Street, Room 141 Sacramento, CA 95814
IT Project Status Report For an MHSA-Funded IT Project Please send the Signed Original to the following address: California Department of Mental Health Information Technology Attention: MHSA-IT 1600 9
More informationIAMUCLA 2.0 SSO Updates
IAMUCLA 2.0 SSO Updates Common Systems Group Meeting July 27, 2015 IAMUCLA 2.0 Projects Password Security Concerns Technology Evolution Health Systems SSO Support Departmental/Service Accounts Testing
More informationHow To Improve Your Business
IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends
More informationOrange County Convention Center Orlando, Florida June 3-5, 2014. Streamlining LSO Online Course Functionality Rob Becker
Orange County Convention Center Orlando, Florida June 3-5, 2014 Streamlining LSO Online Course Functionality Rob Becker Who Are We Lockheed Martin Corporation Global defense, security, aerospace, and advanced
More informationSharePoint Governance: Planning, Strategy and Adoption
Thinking SharePoint? Think Jornata. SharePoint Governance: Planning, Strategy and Adoption Scott Jamison Managing Partner & CEO Jornata LLC scott.jamison@jornata.com About Scott Jamison CEO of Jornata,
More informationAtlanta Public Schools. Career Academy
Atlanta Public Schools Career Academy Career Academy Planning Model 2012-2013 Market Analysis & Strategic Planning Research Labor Trends (Oct Dec) 2014 Engagement & Fundraising Visit Existing Career Academies
More informationOPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE.
OPTIMUS SBR CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE. Optimizing Results with Business Intelligence Governance This paper investigates the importance of establishing a robust Business Intelligence (BI)
More informationMarathon Petroleum Company: Automating Testing with SAP Quality Center, SAP Solution Manager and SAP TAO Myra Egbert, Betsy Buckley
Marathon Petroleum Company: Automating Testing with SAP Quality Center, SAP Solution Manager and SAP TAO Myra Egbert, Betsy Buckley Orange County Convention Center Orlando, Florida June 3-5, 2014 Agenda
More informationIT Governance. Infocom India Presentation. Pathfinder Technology Solutions. December 6, 2006
IT Governance Infocom India Presentation December 6, 2006 Pathfinder Technology Solutions Agenda Why have IT Governance? What is IT Governance? Various elements of IT Governance Frameworks for IT Governance
More informationStephen Doune HRIS Project Manager Plan International
Stephen Doune HRIS Project Manager Plan International Content 1. About Plan International 2. The Challenge 3. The Vision 4. About Assima 5. The Projects 6. The Timeline 7. Partner Selection 8. Key 1st
More informationVisual Enterprise Architecture
Business Process Management & Enterprise Architecture Services and Solutions October 2012 VEA: Click About to edit Us Master title style Global Presence Service and Solution Delivery in 22 Countries and
More informationSAP BusinessObjects GRC Access Control 10.0 New Feature Highlights and Initial Lessons Learned
SAP BusinessObjects GRC Access Control 10.0 New Feature Highlights and Initial Lessons Learned Executive Summary Organizations evaluating technology solutions to enhance their governance, risk and compliance
More informationAnnual General Meeting
Annual General Meeting Daniel Rabie Chief Operating Officer Growth Opportunities: Cloud Accounting & Document Management Cloud Accounting Reckon One Enormous Market Opportunity We re just getting started...
More informationDepartment of Public Welfare (DPW)
Department of Public Welfare (DPW) Office of Income Maintenance Electronic Benefits Transfer Card Risk Management Report Out-of-State Residency Review FISCAL YEAR 2012-2013 June 2013 (March, April and
More informationCompany A Project Plan
Company A Project Plan Project Name: Close Optimization Project Example Prepared By: David Done - Project Manager Title: John Doe -Project Manager Date: March 17, 2011 Project Plan Approval Signatures
More informationProject Management Planning
The Project Plan Template The Project Plan The project plan forms the basis for all management efforts associated with the project. A project plan template is included in this document. The information
More informationNorth America Applications Sales Consulting Leadership Challenge Program - Virtually
North America Applications Sales Consulting Leadership Challenge Program - Virtually Lee Paulino, Group Vice President John Schmeisser, Senior Director Agenda Why Launch the Program
More informationOregon s Experience Accepting Online Credit and Debit Payments
Oregon s Experience Accepting Online Credit and Debit Payments Statistical Charts and Examples Page 1 of 8 How Oregon s Case Validation Works Semi-Technical Speak As part of their process, a vendor using
More informationChange Management Advisory Council. September, 2010
Change Management Advisory Council September, 2010 Agenda 8:00-8:20: 8:20-8:40: 8:40-9:00: 9:00-9:30: Introduce team; share role of Advisory Council and discussion questions Discuss program overview and
More informationPurchased Services Areas of Opportunity:
Purchased Services Areas of Opportunity: How Texas Children's Hospital Achieved Significant Cost Savings For Its Contract Staffing Purchased Services Presented by Edward M. Lewis, C.P.M., CMRP Supply Chain
More informationBenefits of Adopting Data Management Practices to strengthen Measurement Analysis
Benefits of Adopting Data Management Practices to strengthen Measurement Analysis Gurdarshan Singh Brar, Dilip Gore, Arun Guruswami Wipro Technologies 1 Contents 1 About Wipro 2 IT Services Organization
More informationAssignment 4 CPSC 217 L02 Purpose. Important Note. Data visualization
Assignment 4 CPSC 217 L02 Purpose You will be writing a Python program to read data from a file and visualize this data using an external drawing tool. You will structure your program using modules and
More informationAP Automation at Fossil. How Fossil implemented Opentext Vendor Invoice Management Wim Schalken
AP Automation at Fossil How Fossil implemented Opentext Vendor Invoice Management Wim Schalken Agenda INTRODUCTION LANDSCAPE PROJECT PROCESS LESSONS LEARNED Click to edit super huge text copy The Fossil
More information1/23/2008. SDG&E Introduction
Powerful Efficiency Applications with a Human Touch Delivering Value to Small/Mid Sized Businesses Jeff Alexander Sr. Program Manager San Diego Gas & Electric 2008 San Diego Gas & Electric Company. All
More informationManaging Health & Safety in Depot Maintenance
Managing Health & Safety in Depot Maintenance David R. Askew Chief, Safety & Occupational Health Corpus Christi Army Depot CORPUS CHRISTI ARMY DEPOT - SUPPORTING THE JOINT WARFIGHTER - UNCLASSIFIED 1 CCAD
More informationMarket Assessment & Campaign SLA Calculator LOGO WE OPEN THE DOOR, SO YOU CAN CLOSE IT.
Market Assessment & Campaign SLA Calculator LOGO WE OPEN THE DOOR, SO YOU CAN CLOSE IT. Your Market Assessment Overview Your Inbound Market Assessment and Campaign SLA Calculator is broken down into several
More informationRSA Identity Management & Governance (Aveksa)
RSA Identity Management & Governance (Aveksa) 1 RSA IAM Enabling trusted interactions between identities and information Access Platform Authentication Federation/SSO Employees/Partners/Customers Identity
More information