Risks are Key, Processes Follow. Michiel Schuijt Chief Risk Officer, Mn Services

Size: px
Start display at page:

Download "Risks are Key, Processes Follow. Michiel Schuijt Chief Risk Officer, Mn Services"

Transcription

1 Risks are Key, Processes Follow Michiel Schuijt Chief Risk Officer, Mn Services

2 Mn Services & Our Risk Management Philosophy 8 June 2011 ProcessWorld

3 Pension Companies in the Netherlands APG Groep 250 Billion euro PGGM 100 Mn Services 71 Blue Sky 12 SPF 13 BlackRock 20 ING / AZL 25 ) Syntrus Achmea 33 F&C Netherlands 35

4 Company profile Mn Services Mn Services administrates the pension plans for a range of pension funds in the Netherlands Some 1.9 million Dutch people rely on Mn Services for their pensions With assets under management of 71 billion Mn Services is in the top three pension investment managers in the Netherlands 980 fte in two countries (NL / UK) 8 June 2011 ProcessWorld

5 Challenge: Increase Risk Management Maturity Own ambition Mn Services organisation Positioning as a reliable business partner Balance between business and threats (management information) In Control Statement itself is not the objective, but appliances Driven by law and regulation and the supervisors Comply (demonstrable) to law- and regulations Adequate response on (changing) law- and regulations Pension funds are on the radar of Supervisors Driven by client responsibility (outsourcing activities) 8 June 2011 ProcessWorld

6 Risico Risk Management framework Audit Committee Commissie 8 June 2011 ProcessWorld Mn Services: Lines of Defense internal external Toezichthouders Regulator External Extern supervision toezicht Externe External accountant Externe External beoordeling evaluation Derde Third beheersings - line of defence - lijn Tweede Second beheersings - line of defence lijn Internal audit audit Control Risk Compliance Management Reguliere Regular testing toetsing van of framework het framework Coordination Co ö rdinatie Ontwikkeling Development of van policies beleid en and rapportage reporting structuur structure Audit Commissie Eerste First beheersings - line of defence lijn Besturingsprocessen Control processes Primaire Primary processes processen Ondersteunende Supporting processes processen Uitvoering Execution of van policies beleid Dagelijkse verantwoordelijkheid Daily accountability Rapportage Reporting & management info

7 Risks are Key, Processes Follow Analysis Processes consist of lots of controls Not always clear why controls are implemented, to comply to what law & regulation or to mitigate what risk(s) No visible balance between effort and cycle time (costdrivers) versus effectiveness (revenue-driver) Layer of Drivers Layer of Processes New Law Law New Objectives New Risks Risks Decision Objectives and Risk Identification as staring point Processes follow: possibly new/changed/outsourced Risk and Control Assessment results, created issues, are input for (flexible) processes Mn Services uses a top-down Risk based approach, with a flexible Process layer as intermediate. Layer of assessment results Risk Assessments Results (Losses) Control Assessments Results Created Issues Sign-off ISAE,ERM 8 June 2011 ProcessWorld

8 Enterprise Risk Management Implementation enabled by the ARIS Platform 8 June 2011 ProcessWorld

9 8 June 2011 ProcessWorld Enterprise Risk Management ERM ERM ISAE SAS 70 Financiële Financial verantwoording Beheersmaatregelen Controls audited Geaudit ERM covers ISAE and SAS70 as well COSOII ERM Framework is starting point of the program ERM processes are designed in ARIS Mn Services is in the middle of executing them, let s guide you through our ERM process Management assurance Risks Strategic, Tactical & Operational risks Strategisch, Tactisch & Operationele risico s All processes in scope Alle processen in scope Tested, Audited and Reported getest, geaudited& gerapporteerd In Control Statement In controlstatement

10 8 June 2011 ProcessWorld Decide on ERM Ambition Minimum Common Good Best Period of time declaration Ad hoc Year end Whole year Continuous Range F F/O/S/C Integrated F/O/S/C Certainty Limited IAD indirect Monitoring + IAD Risk paragraph Limitative generic list Enumeration Control framework Unstructured Structured Descriptive + impact and vulnerability Materialiteit driven Business control Not described Described Principle based Business-driven F/O/S/C Automated + integrated montoring Scenario s + choices Business-driven Leading cultural assessment Risk assessment BU / Process Ad hoc Incident driven Periodically Yearly (Year planning cycle) Integrated part of decision making Framework Unstructured Individual Structured Bottom up No Materialiteit Structured Top down Materialiteit Systematic Business-driven Governance Not described Unclear Described Silos Alignment Strengthening Awareness Limited Control Management Integrated part of business

11 Perspective Perspective Perspective Perspective Strategy Top Management identifies Objectives & Strategic Risks Workshops with: Top management identifying Strategic Risks Middle management identifying Tactical Risks Alignment of all Risks and their relation to Objectives and Processes Rel. perspectives Cause-and-effect Cause-and-effect Cause-and-effect CEO, Ruud Hagendijk (middle) Waarde voor aandeelhouders op lange termijn Realisatie rendement van 15% van de verwachte omzet in 2012 Bijdrage aan strategische ambities opdrachtgevers dmv een optimale integrale dienstverlening Realisatie financieel resultaat Groei in UK Verstevigen fundament Financieel Professionele dienstverlening Verhogen klanttevredenheid Behoud klantenbestand vermogensbeheer Besturing klantrelatie Klanten Versterken propositie processen en organisatie Succesvolle bediening nieuwe opdrachtgevers Organisatie inrichting Realisatie projectenportfolio (IPP) Verstevigen fundament Compliancy en invoeren risk management Interne Processen Leren en groeien Optimale inzet medewerkers Ontwikkeling medewerkers Formatie Innovatieve processen en systemen Huisvesting CFO, Kor Bosscher (right) 8 June 2011 ProcessWorld

12 8 June 2011 ProcessWorld Perform Risk Assessments Define Key Risks Planning assessments Execute Assessments and Reviews Decide on Risk response Reports

13 8 June 2011 ProcessWorld Implement and Monitor Control Activities Controls implementation & testing Issue solving Monitoring results Information and Communication

14 8 June 2011 ProcessWorld Compliance Management Compliance is integrated in ERM approach: same control to mitigate a risk and to comply to regulation Electronic Publisher provides relevant law & regulations (towards ARIS) Impact Analysis in ARIS to decide on actions

15 Business Benefits & Lessons Learned 8 June 2011 ProcessWorld

16 8 June 2011 ProcessWorld Benefits ERM within Mn Services ERM gives more insight than only Financial Risks Increased efficiency,by integration controls for SAS70 / ISAE and ERM and by that a decrease of test effort and number of issues Process improvement, processes became more lean: many controls from the past are abolished, because they simply added no value; new process controls are implemented, mitigating several risks and complying to multiple articles at once More risk awareness and better alignment of Risk Framework Mn Services with those of customers Keep competitors ahead by demonstrable In Control and better protection of the image of Mn Services

17 8 June 2011 ProcessWorld Risks are Key (to success), Thanks for Your Attention! Michiel Schuijt, CRO Processes Follow

ICAAP of SNS Bank. Arno van Eekelen Senior Consultant SNS Bank Global Association of Risk Professionals. June 2014

ICAAP of SNS Bank. Arno van Eekelen Senior Consultant SNS Bank Global Association of Risk Professionals. June 2014 ICAAP of SNS Bank Arno van Eekelen Senior Consultant SNS Bank Global Association of Risk Professionals June 2014 Table of contents 1. SNS REAAL 2. ICAAP a) Basic elements and environment b) ICAAP stages

More information

Het Secure Datacenter

Het Secure Datacenter Het Secure Datacenter If trust and reliability matters Michiel Steltman CTO Siennax Drivers voor IT Security Financiële aansprakelijkheid Sox, Basel II Persoonlijke aansprakelijkheid van managers Operationele

More information

Information Security Governance

Information Security Governance Information Security Governance Aart Bitter Aart.Bitter@information-security-governance.com Agenda Governance & Compliance Information Security Governance Aanpak om information security governance in organisaties

More information

It s all about relevance! De financiële professional als hoeder van waarde

It s all about relevance! De financiële professional als hoeder van waarde www.pwc.nl De financiële professional als hoeder van waarde Robert van der Laan 31 oktober 2012 NBA-VRC Jaarcongres Headlines Integrated Reporting 2 Nothing in the world is so powerful as an idea whose

More information

UvA college Governance and Portfolio Management

UvA college Governance and Portfolio Management UvA college Han Verniers Principal Consultant Han.Verniers@LogicaCMG.com Programma Governance IT Governance, wat is dat? Governance: structuren, processen, instrumenten Portfolio Management Portfolio Management,

More information

Requirements Lifecycle Management succes in de breedte. Plenaire sessie SPIder 25 april 2006 Tinus Vellekoop

Requirements Lifecycle Management succes in de breedte. Plenaire sessie SPIder 25 april 2006 Tinus Vellekoop Requirements Lifecycle Management succes in de breedte Plenaire sessie SPIder 25 april 2006 Tinus Vellekoop Focus op de breedte Samenwerking business en IT Deelnemers development RLcM en het voortbrengingsproces

More information

Netherlands National Contact Point OECD Guidelines for Multinational Enterprises. Lodewijk de Waal 23 October 2015

Netherlands National Contact Point OECD Guidelines for Multinational Enterprises. Lodewijk de Waal 23 October 2015 Netherlands National Contact Point OECD Guidelines for Multinational Enterprises Lodewijk de Waal 23 October 2015 De ondernemingsraad en MVO MVO moet geintegreerd onderdeel zijn van bedrijfsbeleid, het

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...

More information

th European Pension Funds Congress Introducing an overview of accumulated pension entitlements will help increase the mobility of European citizens 1

th European Pension Funds Congress Introducing an overview of accumulated pension entitlements will help increase the mobility of European citizens 1 8 th th European Pension Funds Congress Frankfurt 19th of November 2013 Titus Sips (APG) Introducing an overview of accumulated pension entitlements will help increase the mobility of European citizens

More information

Duurzaam Supply Management

Duurzaam Supply Management Duurzaam Supply Management Risico s en kansen NEVI Inkoopdag 24 juni 2014 Programma FIRA: De 3 minuten van de sponsor Opwarmen, wat is MVO/MVI eigenlijk? ING: De uitdaging van transparantie Vragen en discussie

More information

www.pwc.nl Procurement Transformation: Towards Sourcing & Procurement Excellence

www.pwc.nl Procurement Transformation: Towards Sourcing & Procurement Excellence www.pwc.nl Procurement Transformation: Towards Sourcing & Procurement Excellence PwC firms provide Industry-focused Assurance, Tax and Advisory services to enhance value for their clients. More than 161.000

More information

Duurzaam Supply Management

Duurzaam Supply Management Duurzaam Supply Management Risico s en kansen NEVI Inkoopdag 24 juni 2014 Programma FIRA: De 3 minuten van de sponsor Opwarmen, wat is MVO/MVI eigenlijk? ING: De uitdaging van transparantie Vragen en discussie

More information

Greening of and greening by IT

Greening of and greening by IT Greening of and greening by IT introduction John Post Managing director Green IT Amsterdam region Board TKI SWITCH2SmartGrids 1 Agenda Power and pollution, the bad and the ugly European ambitions & reality

More information

IPW Smart Delivery Management

IPW Smart Delivery Management IPW Smart Delivery SPIder 10 juni 2003 Mark van der Velden +31 6 54 68 21 22, m.van.der.velden@quintgroup.com Outline! Introduction! The model! Examples! Other models! Final words Software Engineering

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Risk Management Policy Record Number D14/79827 Responsible Manager Manager Strategy and Governance Last reviewed 10 March 2015 Adoption reference Council Resolution number 90.5 Previous

More information

Platform voor Informatiebeveiliging IB Governance en management dashboards

Platform voor Informatiebeveiliging IB Governance en management dashboards Platform voor Informatiebeveiliging IB Governance en management dashboards Johan Bakker MSc CISSP ISSAP Principal Policy Advisor KPN Corporate Center Information Security Governance Agenda Drivers voor

More information

From QMS to IMS. Name: Arie Boer Function Risk Manager Date: 19 december 2014

From QMS to IMS. Name: Arie Boer Function Risk Manager Date: 19 december 2014 Name: Arie Boer Function Risk Manager Date: 19 december 2014 Introduction EPZ is located in the south west of the Netherlands Vlissingen Borssele 2 Introduction EPZ has a coal fired plant, windmills and

More information

IT Governance: framework and case study. 22 September 2010

IT Governance: framework and case study. 22 September 2010 IT Governance: framework and case study Presenter Yaowaluk Chadbunchachai Advisory Services Ernst & Young Corporate Services Limited Presentation topics ERM and IT governance IT governance framework IT

More information

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Linking Risk Management to Business Strategy, Processes, Operations and Reporting Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles

More information

Managing Monopolies and Single Source Suppliers

Managing Monopolies and Single Source Suppliers Managing Monopolies and Single Source Suppliers Associate Trainer Anil Joshi Director NEVI Purspective www.purspective.com ITIDA International www.itida.nl aniljoshi@itida.nl 0651150293 Ok, who is NEVI

More information

Developments in International IT-Supervision

Developments in International IT-Supervision Developments in International IT-Supervision CBCS: Information Technology Service Management Seminar Evert Koning, 18 November 2014 Agenda 1.Europe: ECB: SSM 2.World: ITSG 3.Other Supervisors 2 Banking

More information

FRAMEWORK FOR AN ETHICAL MATURITY INDEX. Authors: Elena Demidenko and Patrick McNutt

FRAMEWORK FOR AN ETHICAL MATURITY INDEX. Authors: Elena Demidenko and Patrick McNutt FRAMEWORK FOR AN ETHICAL MATURITY INDEX Authors: Elena Demidenko and Patrick McNutt Across key Enterprise risk management frameworks, COSO ERM (http://www.coso.org) and ASNZ4360 (ASNZ 4360: 2004 (http://www.standards.com.au)

More information

ESKISP6056.01 Direct security testing

ESKISP6056.01 Direct security testing Direct security testing Overview This standard covers the competencies concerning with directing security testing activities. It includes setting the strategy and policies for security testing, and being

More information

Unofficial translation

Unofficial translation Unofficial translation Policy Rule of De Nederlandsche Bank N.V. on Integrity Policy Regarding Commercial Real Estate Activities (Policy Rule on Integrity Policy Regarding Commercial Real Estate Activities)

More information

Cloud. Regie. Cases.

Cloud. Regie. Cases. Cloud. Regie. Cases. Agile SIAM Dave van Herpen Consultant Cloud Cases Regie 2 Grip op de cloud Hoe word ik een wendbare service broker? Cloud Cases Regie 3 Waarom cloud? innovation maintenance Private?

More information

Evaluatie QIS5 16 december 2010. Out of the box actuaries and risk professionals

Evaluatie QIS5 16 december 2010. Out of the box actuaries and risk professionals Evaluatie 16 december 2010 Out of the box actuaries and risk professionals Agenda Introduction results Demo: manage process using E2S Appendix 1: detailed results non-life 2 Introduction Planning and participation

More information

Enterprise Risk Management: Concepts & Issues

Enterprise Risk Management: Concepts & Issues Enterprise Risk Management: Concepts & Issues Jacques Lapointe Internal Audit, Management Board Secretariat November 2003 1 The Basic Concept of Risk Management The active process of identifying risks,

More information

Asset Management in praktijk AMC Seminar 8 november Bertrand van Leersum, ATO

Asset Management in praktijk AMC Seminar 8 november Bertrand van Leersum, ATO Asset Management in praktijk AMC Seminar 8 november Bertrand van Leersum, ATO Europa investeert in uw toekomst uit het Europese fonds voor regionale ontwikkeling Over ATO Wind Energy Link B.V. Project

More information

Anglo-saksisch en Rijnlands

Anglo-saksisch en Rijnlands CMMI en Agile Anglo-saksisch en Rijnlands Agenda Inleiding CMMI versus Agile Rijnlands versus Angelsaksisch denken Conclusies Agenda Inleiding CMMI versus Agile Rijnlands versus Angelsaksisch denken Conclusies

More information

AXA Belgium Finance (NL) B.V.

AXA Belgium Finance (NL) B.V. AXA Belgium Finance (NL) B.V. interim financial statements June 30, 2009 Statutory seat: Utrecht Address: Ginnekenweg 213 4835 NA BREDA Breda, August 30, 2009 Table of contents Interim financial statements

More information

Quality Assurance Checklist

Quality Assurance Checklist Internal Audit Foundations Standards 1000, 1010, 1100, 1110, 1111, 1120, 1130, 1300, 1310, 1320, 1321, 1322, 2000, 2040 There is an Internal Audit Charter in place Internal Audit Charter is in place The

More information

Digital Transformation. 23 Juni - Progress Summer Summit - Rotterdam. Stephan Leferink Progress Benelux

Digital Transformation. 23 Juni - Progress Summer Summit - Rotterdam. Stephan Leferink Progress Benelux Digital Transformation 23 Juni - Progress Summer Summit - Rotterdam Stephan Leferink Progress Benelux Programma 14.00u 14.30u Digital Transformation & Experience Introductie en Plenaire Sessie 14.45u 18.00u

More information

Accenture Risk Management. Industry Report. Life Sciences

Accenture Risk Management. Industry Report. Life Sciences Accenture Risk Management Industry Report Life Sciences Risk management as a source of competitive advantage and high performance in the life sciences industry Risk management that enables long-term competitive

More information

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies

IT Professional Standards. Information Security Discipline. Sub-discipline 605 Information Security Testing and Information Assurance Methodologies IT Professional Standards Information Security Discipline Sub-discipline 605 Information Security Testing and Information Assurance Methodologies December 2012 Draft Version 0.6 DOCUMENT REVIEW Document

More information

FINANCIAL SHARED SERVICES

FINANCIAL SHARED SERVICES FINANCIAL SHARED SERVICES Arie Geneugelijk, John Vervloet & Djimmy Zeijpveld 9-3-2016 Agenda Waarom bent u hier? Praktijkvoorbeeld Exact: Transitie naar shared service center Demonstratie Vragen? Waarom

More information

DEKRA Certification ISO 27000:2013 SHAPING THE FUTURE

DEKRA Certification ISO 27000:2013 SHAPING THE FUTURE DEKRA Certification ISO 27000:2013 SHAPING THE FUTURE Henk Keijzer, 24 september 2013 Over DEKRA DEKRA HQ based in Stuttgart, Germany Active in more than 50 countries worldwide Organised in 3 Business

More information

Governance, Risk & Compliance

Governance, Risk & Compliance Governance, Risk & Compliance ERM enabled by ARIS Workshop Sistemi IT per la Compliance 30 giugno 2011 Lorenzo Fornai Lorenzo Capozza Software AG at a glance Revenue over 1 billion Global Leader for Process

More information

www.pwc.com Developing a robust cyber security governance framework 16 April 2015

www.pwc.com Developing a robust cyber security governance framework 16 April 2015 www.pwc.com Developing a robust cyber security governance framework 16 April 2015 Cyber attacks are ubiquitous Anonymous hacker group declares cyber war on Hong Kong government, police - SCMP, 2 October

More information

Enterprise Risk Management Program

Enterprise Risk Management Program Enterprise Risk Management Program APPA s Risk Management & Insurance Meeting Austin, Texas March 29, 2007 Presented by: L.D. Hollingsworth Agenda Introduction - Why ERM? Governance & Reporting Structure

More information

The transformation of IT Risk Management. kpmg.com

The transformation of IT Risk Management. kpmg.com The transformation of IT Risk Management kpmg.com The transformation of IT Risk Management The role of IT Risk Management Scope of IT risk management Examples of IT risk areas of focus How KPMG can help

More information

Company Presentation

Company Presentation 0 International Assurance Providers PO Box 117 4000 AC Tiel The Netherlands +31 (0) 6 149 68 048 enquiries@assuranceproviders.eu IAP IN BRIEF... International Assurance Providers (IAP) is a Qualified Security

More information

Metrics that Matter Security Risk Analytics

Metrics that Matter Security Risk Analytics Metrics that Matter Security Risk Analytics Rich Skinner, CISSP Director Security Risk Analytics & Big Data Brinqa rskinner@brinqa.com April 1 st, 2014. Agenda Challenges in Enterprise Security, Risk

More information

Risk management and internal control systems

Risk management and internal control systems Discussion Paper Risk management and internal control systems NIVRA taskforce on Internal Control Royal NIVRA ISBN-13: 978-90-75103-46-5... 2007 Koninklijk NIVRA, Amsterdam. Alle rechten voorbehouden.

More information

Information Security is not an IT problem! Enterprise Risk & Security Management

Information Security is not an IT problem! Enterprise Risk & Security Management Information Security is not an IT problem! Enterprise Risk & Security Management Raymond Slot Security Seminar 20 maart 2015 Some Security Incidents in 2014 Anthem 80 million customer records exposed JPMorgan

More information

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS

IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS 1 Module 1: Principles of Risk and Risk Management Module aims The aim of this module is to provide an introduction to the principles and concepts of risk and

More information

3PM²: an integrated approach to enable the execution of organisational strategy. 3PM² - 16 november 2012 Stanwick Management Consultants

3PM²: an integrated approach to enable the execution of organisational strategy. 3PM² - 16 november 2012 Stanwick Management Consultants 3PM²: an integrated approach to enable the execution of organisational strategy 3PM² - 16 november 2012 1 13u30 Welkom Agenda Afspraken 13u40 3PM²: Kader 14u15 Parallelle workshops 15u00 Break 15u15 Parallelle

More information

Moving Forward with IT Governance and COBIT

Moving Forward with IT Governance and COBIT Moving Forward with IT Governance and COBIT Los Angeles ISACA COBIT User Group Tuesday 27, March 2007 IT GRC Questions from the CIO Today s discussion focuses on the typical challenges facing the CIO around

More information

ESKISP6054.01 Conduct security testing, under supervision

ESKISP6054.01 Conduct security testing, under supervision Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to

More information

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and

More information

CLICK TO OPEN FOOD AUTHENTICITY FIVE STEPS TO HELP PROTECT YOUR BUSINESS FROM FOOD FRAUD

CLICK TO OPEN FOOD AUTHENTICITY FIVE STEPS TO HELP PROTECT YOUR BUSINESS FROM FOOD FRAUD CLICK TO OPEN FOOD AUTHENTICITY FIVE STEPS TO HELP PROTECT YOUR BUSINESS FROM FOOD FRAUD Click on tabs below FOOD AUTHENTICITY FIVE STEPS TO HELP PROTECT YOUR BUSINESS FROM FOOD FRAUD Food and drink manufacturers

More information

Cloud. Transformatie. Cases.

Cloud. Transformatie. Cases. Cloud. Transformatie. Cases. Dé cloud bestaat niet. maakt cloud concreet 2 IT Transformatie. Cloud? De vraag is niet of we gaan, maar wanneer en hoe #sogetidoethet Matthias Radder Cloud Consultant 3 In

More information

Supervisory framework for assessing conduct and culture in the financial sector

Supervisory framework for assessing conduct and culture in the financial sector Supervisory framework for assessing conduct and culture in the financial sector Femke de Vries De Nederlandsche Bank June 17th, 2014 The Asch Experiment 2 Pre-crisis supervision 3 Post-crisis supervision

More information

RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA

RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA RSA, The Security Division of EMC Zamanta Anguiano Sales Manager RSA The Age of the Hyperextended Enterprise BUSINESS ISSUES IMPACT Innovation Collaboration Exploding Information Supply Chain Customer

More information

Veilige software. Wie voelt zich verantwoordelijk?

Veilige software. Wie voelt zich verantwoordelijk? Veilige software Wie voelt zich verantwoordelijk? Praktijkvoorbeeld (1/3) Een willekeurige Directeur ICT Zijn er incidenten? Wat is de omvang? De beheerorganisatie spreekt over een web application firewall?

More information

International Diploma in Risk Management Syllabus

International Diploma in Risk Management Syllabus International Diploma in Risk Management Syllabus Module 1: Principles of Risk and Risk Management The aim of this module is to provide an introduction to the principles and concepts of risk and risk management.

More information

Security Organization & Awareness. Januari, 28/29th 2014 6th CENTR Security Workshop Brussels Bert ten Brinke

Security Organization & Awareness. Januari, 28/29th 2014 6th CENTR Security Workshop Brussels Bert ten Brinke Security Organization & Awareness Januari, 28/29th 2014 6th CENTR Security Workshop Brussels Bert ten Brinke Goals Creating a awareness plan Describing the security organization What is necessary regarding

More information

STAATSCOURANT Government Gazette of the Netherlands No October 2010

STAATSCOURANT Government Gazette of the Netherlands No October 2010 STAATSCOURANT Government Gazette of the Netherlands No. 17099 29 October 2010 Official publication of the Kingdom of the Netherlands since 1814 Regulation of De Nederlandsche Bank N.V. of 26 October 2010

More information

Manpower OMG & Tripolis Solutions. Client Case

Manpower OMG & Tripolis Solutions. Client Case Manpower OMG & Tripolis Solutions Client Case At the regional level, the consultants can send out the campaigns themselves, so they quickly get a precise picture of the market Manpower is an HR service

More information

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations

More information

Frameworks for IT Management

Frameworks for IT Management Frameworks for IT ment 14 BiSL Business Information Services Library The Business Information Services Library (BiSL) has a focus on how business organizations can improve control over their information

More information

2011 Forrester Research, Inc. Reproduction Prohibited

2011 Forrester Research, Inc. Reproduction Prohibited 1 2011 Forrester Research, Inc. Reproduction Prohibited Information Security Metrics Present Information that Matters to the Business Ed Ferrara, Principal Research Analyst July 12, 2011 2 2009 2011 Forrester

More information

Introduction to TTC s Enterprise Risk Management (ERM) Program. TTC Audit and Risk Management Committee

Introduction to TTC s Enterprise Risk Management (ERM) Program. TTC Audit and Risk Management Committee STAFF REPORT INFORMATION ONLY Introduction to TTC s Enterprise Risk Management (ERM) Program Date: September 11, 2015 To: From: TTC Audit and Risk Management Committee Chief Executive Officer SUMMARY This

More information

Industrial Managed Services

Industrial Managed Services Industrial Managed Services M2M Summit 2012 Roland Schneiders Business Consultant Düsseldorf, 5th September 2012 Cofely Zuid Nederland BV Amerikalaan 35 6199 AE MAASTRICHT-AIRPORT Application Engineer

More information

Take the right steps 9 principles for building the Risk Intelligent Enterprise

Take the right steps 9 principles for building the Risk Intelligent Enterprise Take the right steps 9 principles for building the Risk Intelligent Enterprise Contents 9 principles for building a Risk Intelligent Enterprise 2 The Risk Intelligent Framework 4 1. Is risk a threat or

More information

IT Governance Charter

IT Governance Charter Version : 1.01 Date : 16 September 2009 IT Governance Network South Africa USA UK Switzerland www.itgovernance.co.za info@itgovernance.co.za 0825588732 IT Governance Network, Copyright 2009 Page 1 1 Terms

More information

Sander van Geest. Today s speaker

Sander van Geest. Today s speaker IT Business cases Guest Lecture Hogeschool Rotterdam Sander van Geest 16 February 2015 1 Today s speaker Sander van Geest Sander.vanGeest@vka.nl +31 79 368 1000 Senior Consultant in the area of Finance

More information

COCA-COLA HELLENIC BOTTLING COMPANY RISK MANAGEMENT POLICY

COCA-COLA HELLENIC BOTTLING COMPANY RISK MANAGEMENT POLICY COCA-COLA HELLENIC BOTTLING COMPANY RISK MANAGEMENT POLICY 1. INTRODUCTION The effective management of risk is central to the ongoing success and resilience of Coca-Cola Hellenic Bottling Company (CCHBC).

More information

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the Remarks by Carolyn G. DuChene Deputy Comptroller Operational Risk at the Bank Safety and Soundness Advisor Community Bank Enterprise Risk Management Seminar Washington, D.C. October 22, 2012 Good afternoon,

More information

RSA ARCHER OPERATIONAL RISK MANAGEMENT

RSA ARCHER OPERATIONAL RISK MANAGEMENT RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume

More information

Leiders in cultuurverandering

Leiders in cultuurverandering Leiders in cultuurverandering Een praktische gids voor strategische en culturele veranderingen in organisaties Jaap Boonstra Deze studie is eerder financieel mogelijk gemaakt en begeleid door de Stichting

More information

European Securities Markets Authority 103 Rue de Grenelle 75007 PARIS FRANCE. Investment Fund Managers Directive and types of AIFM.

European Securities Markets Authority 103 Rue de Grenelle 75007 PARIS FRANCE. Investment Fund Managers Directive and types of AIFM. European Securities Markets Authority 103 Rue de Grenelle 75007 PARIS FRANCE Federation of the Dutch Pension Funds Prinses Margrietplantsoen 90 2595 BR The Hague PO Box 93158 2509 AD The Hague The Netherlands

More information

Public Sector Pension Investment Board

Public Sector Pension Investment Board Public Sector Pension Investment Board Office of the Auditor General of Canada Bureau du vérificateur général du Canada Ce document est également publié en français. Her Majesty the Queen in Right of Canada,

More information

3. Provide the capacity to analyse and report on priority business questions within the scope of the master datasets;

3. Provide the capacity to analyse and report on priority business questions within the scope of the master datasets; Business Intelligence Policy Version Information A. Introduction Purpose Business Intelligence refers to the practice of connecting facts, objects, people and processes of interest to an organisation in

More information

Sample risk committee charter

Sample risk committee charter Sample risk committee charter 1 Next This sample risk committee charter is based on leading practices observed by Deloitte in the analysis of a variety of materials. It is important to note that the Risk

More information

Solvency II. PwC. *connected thinking. Solvency II GAP-analysis: practical experience (life and non-life business)

Solvency II. PwC. *connected thinking. Solvency II GAP-analysis: practical experience (life and non-life business) Solvency II Solvency II GAP-analysis: practical experience (life and non-life business) *connected thinking PwC Decide ambition level for Solvency II Business use Standard model, Total eller partiel Optimizing

More information

IT GOVERNANCE ISSUES IN THE INSTITUTIONS WE HAVE AUDITED: LESSONS LEARNED

IT GOVERNANCE ISSUES IN THE INSTITUTIONS WE HAVE AUDITED: LESSONS LEARNED CONTRALORIA GENERAL DE LA REPUBLICA DE COSTA RICA 5TH PERFORMANCE AUDITING SEMINAR INTOSAI STANDING COMMITTEE ON IT AUDIT MAJOR THEME: IT GOVERNANCE IT GOVERNANCE ISSUES IN THE INSTITUTIONS WE HAVE AUDITED:

More information

Implementation Location: The Netherlands (NL) with international applicability

Implementation Location: The Netherlands (NL) with international applicability Industry: Real Estate and Property Management Implementation Location: The Netherlands (NL) with international applicability Company Profiles CBRE Global Investors - One of the world s largest real estate

More information

HSMS. Group Health AND Safety Management System

HSMS. Group Health AND Safety Management System 3 2 CONSULTATION AND EMPOWERMENT 4 RISK MANAGEMENT 1 AMBITION, POLICY AND RULES LEADERSHIP, ACCOUNTABILITY AND ORGANISATION PLAN AND COMMIT 5 EMERGENCY PREPAREDNESS 10 AUDIT AND MATURITY PATH 9 LEARN AND

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

The vision of DNB on the supervision of cloud-computing

The vision of DNB on the supervision of cloud-computing The vision of DNB on the supervision of cloud-computing CBCS: Information Technology Service Management Seminar Evert Koning, 18 November 2014 Financial industry in the Netherlands Institution type Number

More information

Lean in het digitale tijdperk. Hans Toebak, Arjen Markus, 13 november 2013

Lean in het digitale tijdperk. Hans Toebak, Arjen Markus, 13 november 2013 Lean in het digitale tijdperk Hans Toebak, Arjen Markus, 13 november 2013 Back to the future 2 2054 lijkt in 2013 toch al erg dichtbij 3 Klanten passen zich sneller aan dan ooit. 4 5 6 De hedendaagse consument

More information

Company Update. Credit Suisse Capital Goods Conference September 14 th, 2011. Ron Wirahadiraksa CFO Royal Philips Electronics

Company Update. Credit Suisse Capital Goods Conference September 14 th, 2011. Ron Wirahadiraksa CFO Royal Philips Electronics Company Update Credit Suisse Capital Goods Conference September 14 th, 2011 Ron Wirahadiraksa CFO Royal Philips Electronics 1 Important information Forward-looking statements This document and the related

More information

IBM 2010 校 园 蓝 色 加 油 站 之. 商 业 流 程 分 析 与 优 化 - Business Process Management and Optimization. Please input BU name. Hua Cheng chenghua@cn.ibm.

IBM 2010 校 园 蓝 色 加 油 站 之. 商 业 流 程 分 析 与 优 化 - Business Process Management and Optimization. Please input BU name. Hua Cheng chenghua@cn.ibm. Please input BU name IBM 2010 校 园 蓝 色 加 油 站 之 商 业 流 程 分 析 与 优 化 - Business Process Management and Optimization Hua Cheng chenghua@cn.ibm.com Agenda Why BPM What is BPM What is BAM How BAM helps optimization

More information

RISK AdvISoRy SeRvIceS MINING CREDENTIALS

RISK AdvISoRy SeRvIceS MINING CREDENTIALS RISK Advisory Services MINING CREDENTIALS 2 Mining credentials BDO THERE IS AN INCREASING NUMBER OF MINING COMPANIES EXPLORING INVESTMENTS IN LOCAL AND EMERGING MARKETS TODAY, ATTRACTED BY QUALITY UNMINED

More information

Hoe onze wereld aan het veranderen is

Hoe onze wereld aan het veranderen is Hoe onze wereld aan het veranderen is Michiel Schaalje CTO Cisco Nederland Sinds 1996 actief binnen Cisco Vanaf 2006 verantwoordelijk voor o.a. de gehele Nederlandse presales organisatie Richt zich vanuit

More information

A view on governance. SharePoint Kennisdelingsdag. Nick Stuifbergen, consultant Nickstu@microsoft.com. 28 January 2011

A view on governance. SharePoint Kennisdelingsdag. Nick Stuifbergen, consultant Nickstu@microsoft.com. 28 January 2011 A view on governance SharePoint Kennisdelingsdag Nick Stuifbergen, consultant Nickstu@microsoft.com 28 January 2011 Agenda Waar zie je de risico s A view on governance SharePoint landscape SharePoint life

More information

Risk Management A Strategy for Success

Risk Management A Strategy for Success SEI Executive Connections Insights Risk Management A Strategy for Success The Opportunity of Risk Enterprise Risk Management is a critical focus of every wealth management firm. Today, business leaders

More information

CLOUD COMPUTING LESSONS LEARNED. Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015

CLOUD COMPUTING LESSONS LEARNED. Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015 CLOUD COMPUTING LESSONS LEARNED Marc Vael, Chief Audit Executive Smals / President ISACA Belgium, November 2015 WHEN WAS THE TERM USED FOR THE FIRST TIME? 26 th of October 1997 WHO HYPED ALL THIS? What's

More information

Risk & Audit Committee California Public Employees Retirement System

Risk & Audit Committee California Public Employees Retirement System California Public Employees Retirement System Consent Agenda Item 4d ITEM NAME: Enterprise Risk Management Division Status Report PROGRAM: Risk Management ITEM TYPE: Consent Information EXECUTIVE SUMMARY

More information

1 KPMG Business Academy. Internal Audit Risk and Compliance

1 KPMG Business Academy. Internal Audit Risk and Compliance 1 KPMG Business Academy Internal Audit Risk and Compliance 2 KPMG Business Academy Internal Audit supports an organization in accomplishing its objectives by bringing a systematic, disciplined approach

More information

Governance, Risk, and Compliance (GRC) White Paper

Governance, Risk, and Compliance (GRC) White Paper Governance, Risk, and Compliance (GRC) White Paper Table of Contents: Purpose page 2 Introduction _ page 3 What is GRC _ page 3 GRC Concepts _ page 4 Integrated Approach and Methodology page 4 Diagram:

More information

mr. M.G.F.M.V. Janssen Secretary to the Managing Board T: +31 20 557 52 30 I: www.kasbank.com

mr. M.G.F.M.V. Janssen Secretary to the Managing Board T: +31 20 557 52 30 I: www.kasbank.com Date: 27 August 2015 For information: mr. M.G.F.M.V. Janssen Secretary to the Managing Board T: +31 20 557 52 30 I: www.kasbank.com Growth of 20% in net result, excluding non-recurring items, to EUR 8.3

More information

White Paper. Comparison of ISO/IEC 20000 with ASL and BiSL

White Paper. Comparison of ISO/IEC 20000 with ASL and BiSL White Paper Comparison of ISO/IEC 20000 with ASL and BiSL Both ISO/IEC 20000 and ASL offer guidance for IT Service Providers, ISO/IEC 20000 giving broad guidance for IT Service Management and ASL focusing

More information

Risk Management Policy Adopted by:

Risk Management Policy Adopted by: Risk Management Policy Adopted by: Infigen Energy Limited Infigen Energy (Bermuda) Limited Infigen Energy RE Limited in its capacity as Responsible Entity of Infigen Energy Trust Adopted: 17 December 2009

More information

Sales Consultant BI&W. Sales Consultant BI&W. Fabian Janssen. Bas Roelands

Sales Consultant BI&W. Sales Consultant BI&W. Fabian Janssen. Bas Roelands Fabian Janssen Sales Consultant BI&W Bas Roelands Sales Consultant BI&W Analytical Database: RDBMS of MDDS? Agenda Inleiding: Definities & Speelveld 19:00 19:45 Analytische Mogelijkheden RDBMS 19:45 20:00

More information

INSPIRE CHANGE ACT ON RESULTS MARKETING SCRUM 2 CASE STUDIES WHO NOW ACT FIRST APOLOGIZE LATER

INSPIRE CHANGE ACT ON RESULTS MARKETING SCRUM 2 CASE STUDIES WHO NOW ACT FIRST APOLOGIZE LATER INSPIRE CHANGE ACT ON RESULTS MARKETING SCRUM 2 CASE STUDIES WHO NOW ACT FIRST APOLOGIZE LATER Jeroen Molenaar Agile 2014 Orlando - 29th June 2014 1 2 Rev. 2013 02 16 June 2013 CONTACT INFO Jeroen Molenaar!!

More information

IT Risk Management Life Cycle and enabling it with GRC Technology

IT Risk Management Life Cycle and enabling it with GRC Technology IT Risk Management Life Cycle and enabling it with GRC Technology Debbie Lew (debbie.lew@ey.com), Senior Manager, E&Y Steven Jones (steven.jones@ey.com), Senior Manager, E&Y Overview 1. What is risk management?

More information

Royal Philips Electronics A leading company in Health and Well-being

Royal Philips Electronics A leading company in Health and Well-being Royal Philips Electronics A leading company in Health and Well-being UBS European Conference November 16 th, 2011 Ron Wirahadiraksa CFO Royal Philips Electronics Important information Forward-looking statements

More information

Using MSBA as the Foundation for SOA

Using MSBA as the Foundation for SOA SOA Challenges Why is Business Architecture Important What is MSBA Using MSBA as the Foundation for SOA SOA in context 1 SOA holds out enormous promise to revitalise the business value of IT... but early

More information

Master Class Effective Governance of Demand. The highlights

Master Class Effective Governance of Demand. The highlights Master Class Effective Governance of Demand The highlights Our portfolio @ www.cibit.nl cibitacademy - inspearit 2 Governance of Demand Our Experience Training programmes Belastingdienst, UWV BZK, EL&I

More information