IT Governance Committee Charter
|
|
- Myra Richardson
- 8 years ago
- Views:
Transcription
1 IT Governance Committee Charter 1
2 Purpose IT Governance Committee IT Governance Committee purpose is to: Understand IT as a business(projects, Costs, Investments, Resource Management) Make recommendations on improvements Assist in policy compliance Assess, Monitor and Document Risk Approve policy, standards and guidelines Be a advocate and spread the word about the Committee and changes that will happen
3 IT Governance Function Charter IT Governance Committee can be defined as the organizational capacity exercised SLU business Leaders and IT management to control the formulation and implementation of IT strategy and ensure the fusion of business and IT. IT Governance Committee concentrates on performing and transforming IT to meet present and future demands of the business and the business customers. Strategic alignment focuses on ensuring the linkage of business and IT plans; defining, maintaining and validating the IT value proposition; and aligning IT operations with enterprise operations. Value delivery is about executing the value proposition throughout the delivery cycle, ensuring that IT delivers the promised enterprise and embedding of risk management responsibilities into the organization. Performance measurement tracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery using metrics, dashboards or balanced scorecards that translate strategy into action to achieve goals. Resource management (Multi-Sourcing) is about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people. Key issues relate to the optimization of knowledge and infrastructure. Risk management requires risk awareness by senior SLU officers, a clear understanding of the enterprise s appetite for risk, understanding of compliance, security requirements and transparency about the significant risks to the SLU.
4 IT Governance Committee Guiding Principles Simplicity The ITGC must serve to avoid unnecessary complexity in the management of risks and controls across the enterprise. Develop common risk and controls matrices, avoid duplication of controls, and adopt publicly available standards and frameworks. Consistency To ensure that ITGC is not a constraint on business agility, policy will be guided by risk tolerances, not the other way around. To enable effective decision making and comparison across the University, the ITGC advocate must enable a single version of the truth. Accountability Ownership for risks, controls and policies must be clear. Roles and responsibilities must be delineated unambiguously Alignment Business value of ITGC decisions and approvals will depend in large measure on how well they link to the University requirements.
5 IT Governance Committee Membership: ITS Mike Mueller Mary Estes Peter Juan Keith Hacke Sue Baker Nick Lewis Scott Amendola IT Research Services Kyle Collins- IT Academic Services SLU Business Divisions Kathy Merlo -UMG Michael Lucido Risk Management Elizabeth Winchester Internal Audit Dave Grabe Controller Business and Finance Dean Marty - EHR Ron Rawson - Compliance Stacey Harrington Academic Affairs Patricia Haberberger Human Resources Jay Haugen Registrar Anne Garcia - Compliance Extended ITS Dave Hendel Project Office Mary Frazer IT Finance IT Governance Area Risk (Security, Compliance, Risk Reporting), Standards, Policies and Guidelines Performance Management Resource Management Value Delivery Strategic Alignment Purpose at meeting recommendations, approve, advocate to Senior Leadership making, advocate across ITS making, advocate across ITS making, advocate to Senior Leadership making, advocate across ITS
6 IT Governance Committee Process IT Governance Risk Management Process Situations that create a Risk Assessment UITCG and/ or TBD SLU Enterprise Governance IT Audit Committee/ Board of Trustees President New Project benefit analysis and NPV funding requests Security Breaches or Attacks that require remediation and changes Compliance Audits (HIPAA, Internal Audit, PCI, FISMA with Critical or HIGH Remediation Treatments (spend and funding approval) ITS Governance Directors Escalation of issues for non-remediation, funding, Acceptance of High Risk Approve recommendations and treatment plan, procure, work with VPs to obtain funding IT Governance Risk Register IT Governance Monitoring People, Financial Risks IT Governance Compliance, Audit, Risk Management and General Counsel, Division Stakeholders Directors Identify Risk Access Risk Create Risk Treatment Plan Implement Risk Plan Implement Risk Treatment Plan Security Incidents or Events Policy approval and Compliance NON Compliance with Policy, Regulatory or Security Assessment Phase Risk Owner & IT Governance Committee Evaluate Risk Treatment/ Remediation Phase Risk Owner/IT Governance Committee
IT Governance. What is it and how to audit it. 21 April 2009
What is it and how to audit it 21 April 2009 Agenda Can you define What are the key objectives of How should be structured Roles and responsibilities Key challenges and barriers Auditing Scope Test procedures
More informationIT Governance: framework and case study. 22 September 2010
IT Governance: framework and case study Presenter Yaowaluk Chadbunchachai Advisory Services Ernst & Young Corporate Services Limited Presentation topics ERM and IT governance IT governance framework IT
More informationIT Governance Regulatory. P.K.Patel AGM, MoF
IT Governance Regulatory Perspective P.K.Patel AGM, MoF Agenda What is IT Governance? Aspects of IT Governance What banks should consider before implementing these aspects? What banks should do for implementation
More informationIT Charter and IT Governance Framework
IT Charter and IT Governance Framework Status: Custodian: Approved Director: Information Technology Date approved: 2013-12-04 Implementation date: 2013-12-05 Decision number: SAQA 02102/13 Due for review:
More informationCOMPLIANCE CHARTER 1
COMPLIANCE CHARTER 1 Contents 1. Compliance Policy Statement... 2 2. Purpose... 2 3. Mission and objective of the Directorate: Compliance... 2 3.1 Mission... 2 3.2 Objective... 3 4. Compliance risk management...
More informationGOVERNANCE OF INFORMATION TECHNOLOGY IN HIGHER EDUCATION
GOVERNANCE OF INFORMATION TECHNOLOGY IN HIGHER EDUCATION SPANISH ASSOCIATION OF UNIVERSITY RECTORS CONFERENCIA DE RECTORES DE LAS UNIVERSIDADES ESPAÑOLAS Information Technology (IT) has become critical
More informationEnterprise Risk Management in a Highly Uncertain World. A Presentation to the Government-University- Industry Research Roundtable June 20, 2012
Enterprise Risk Management in a Highly Uncertain World A Presentation to the Government-University- Industry Research Roundtable June 20, 2012 CRO Council Introduction Mission The North American CRO Council
More informationIT Governance Charter
Version : 1.01 Date : 16 September 2009 IT Governance Network South Africa USA UK Switzerland www.itgovernance.co.za info@itgovernance.co.za 0825588732 IT Governance Network, Copyright 2009 Page 1 1 Terms
More informationEVALUATION FRAMEWORK FOR SERVICE CATALOG MATURITY IN INFORMATION TECHNOLOGY ORGANIZATIONS
EVALUATION FRAMEWORK FOR SERVICE CATALOG MATURITY IN INFORMATION TECHNOLOGY ORGANIZATIONS Carlos Moreno Martínez Information Systems Department, Universidad Europea de Madrid Spain Email: 20839394@live.uem.es
More informationDATA AUDIT: Scope and Content
DATA AUDIT: Scope and Content The schedule below defines the scope of a review that will assist the FSA in its assessment of whether a firm s data management complies with the standards set out in the
More informationReauthorization Process and Application Overview. September 30, 2014 Webinar
Reauthorization Process and Application Overview September 30, 2014 Webinar Agenda Today s Goal To prepare all stakeholders to effectively participate in the 2015 charter contract reauthorization process.
More informationMarch 12th, 2009 Chapter Meeting - HIPAA, SOX, PCI, GLBA Presented by LogiSolve
March 12th, 2009 Chapter Meeting - HIPAA, SOX, PCI, GLBA Presented by LogiSolve HIPAA, SOX, PCI, GLBA...In today's corporate environment, businesses are facing increasing regulation affecting the corporation
More informationUniversity of Michigan Medical School Data Governance Council Charter
University of Michigan Medical School Data Governance Council Charter 1 Table of Contents 1.0 SIGNATURE PAGE 2.0 REVISION HISTORY 3.0 PURPOSE OF DOCUMENT 4.0 DATA GOVERNANCE PROGRAM FOUNDATIONAL ELEMENTS
More informationRISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY
RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY PRESENTED BY: LEN WIATR, CHIEF RISK OFFICER Len s Risk Management Philosophy Build a
More informationRisk Management Framework
Risk Management Framework Mandate and commitment Design of framework for managing risks Continual improvement of the framework Implementing risk management Monitoring and review of the framework Source:
More informationThe College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only January 2012
The College of New Jersey Enterprise Risk Management and Higher Education For Discussion Purposes Only Agenda Introduction Basic program components Recent trends in higher education risk management Why
More informationVENDOR MANAGEMENT. General Overview
VENDOR MANAGEMENT General Overview With many organizations outsourcing services to other third-party entities, the issue of vendor management has become a noted topic in today s business world. Vendor
More informationInformation Security Program CHARTER
State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information
More informationSECURITY RISK MANAGEMENT
SECURITY RISK MANAGEMENT ISACA Atlanta Chapter, Geek Week August 20, 2013 Scott Ritchie, Manager, HA&W Information Assurance Services Scott Ritchie CISSP, CISA, PCI QSA, ISO 27001 Auditor Manager, HA&W
More informationData Governance. David Loshin Knowledge Integrity, inc. www.knowledge-integrity.com (301) 754-6350
Data Governance David Loshin Knowledge Integrity, inc. www.knowledge-integrity.com (301) 754-6350 Risk and Governance Objectives of Governance: Identify explicit and hidden risks associated with data expectations
More informationData Governance Demystified - Lessons From The Trenches
Introduction Data Governance Demystified - Lessons From The Trenches Jay Zaidi, PMP December 11, 2011 Data Governance is gaining importance lately, due to a renewed focus on regulatory compliance and risk
More informationEnabling Compliance Requirements using ISMS Framework (ISO27001)
Enabling Compliance Requirements using ISMS Framework (ISO27001) Shankar Subramaniyan Manager (GRC) Wipro Consulting Services Shankar.subramaniyan@wipro.com 10/21/09 1 Key Objectives Overview on ISO27001
More informationBoard oversight of risk: Defining risk appetite in plain English
www.pwc.com/us/centerforboardgovernance Board oversight of risk: Defining risk appetite in plain English May 2014 Defining risk appetite in plain English Risk oversight continues to be top-of-mind for
More informationThe Role of the Board in Enterprise Risk Management
Enterprise Risk The Role of the Board in Enterprise Risk Management The board of directors plays an essential role in ensuring that an effective ERM program is in place. Governance, policy, and assurance
More informationTransforming risk management into a competitive advantage kpmg.com
INSURANCE RISK MANAGEMENT ADVISORY SOLUTIONS Transforming risk management into a competitive advantage kpmg.com 2 Transforming risk management into a competitive advantage Assessing risk. Building value.
More informationPMP Examination Tasks Puzzle game
PMP Examination Tasks Puzzle game Here is a great game to play to test your knowledge of the tasks you will be tested on in the actual examination. What we have done is take each of the domain tasks in
More informationMaintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com
Maintaining PCI-DSS compliance Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Sessione di Studio Milano, 21 Febbraio 2013 Agenda 1 Maintaining PCI-DSS compliance
More informationDesigning Compliant and Sustainable Security Programs 1 Introduction
Designing Compliant and Sustainable Security Programs 1 Introduction The subject of this White Paper addresses several methods that have been successfully employed by DYONYX to efficiently design, and
More informationIT audit updates. Current hot topics and key considerations. IT risk assessment leading practices
IT audit updates Current hot topics and key considerations Contents IT risk assessment leading practices IT risks to consider in your audit plan IT SOX considerations and risks COSO 2013 and IT considerations
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationBeyond risk identification Evolving provider ERM programs
Beyond risk identification Evolving provider ERM programs March 2016 At a glance PwC conducted research to assess the state of enterprise risk management (ERM) within healthcare providers and found many
More informationGovernance Processes and Organizational Structures for Information Management
UNIVERSITY BUSINESS EXECUTIVE ROUNDTABLE Governance Processes and Organizational Structures for Information Management Custom Research Brief Research Associate Lauren Edmonds Research Manager Priya Kumar
More informationFINANCIAL INSTITUTIONS: MANAGING OPERATIONAL RISK WITH RSA ARCHER
FINANCIAL INSTITUTIONS: MANAGING OPERATIONAL RISK WITH RSA ARCHER As a board-level discussion topic at all financial institutions (FI) today, operational risk is real and public disclosure of significant
More informationCertified Information Security Manager (CISM)
Certified Information Security Manager (CISM) Course Introduction Course Introduction Domain 01 - Information Security Governance Lesson 1: Information Security Governance Overview Information Security
More informationHot Topics in IT. CUAV Conference May 2012
Hot Topics in IT CUAV Conference May 2012 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International.
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationHans Bos Microsoft Nederland. hans.bos@microsoft.com
Hans Bos Microsoft Nederland Email: Twitter: hans.bos@microsoft.com @hansbos Microsoft s Cloud Environment Consumer and Small Business Services Software as a Service (SaaS) Enterprise Services Third-party
More informationIDENTITY MANAGEMENT AND COMMON SYSTEM ACCESS HUMBOLDT STATE UNIVERSITY. Audit Report 12-46 December 21, 2012
IDENTITY MANAGEMENT AND COMMON SYSTEM ACCESS HUMBOLDT STATE UNIVERSITY Audit Report 12-46 December 21, 2012 Henry Mendoza, Chair William Hauck, Vice Chair Lupe C. Garcia Steven M. Glazer Hugo N. Morales
More informationINFORMATION GOVERNANCE AND SECURITY GROUP. Terms of Reference
INFORMATION GOVERNANCE AND SECURITY GROUP 1 Constitution and purpose Terms of Reference 1.1 The purpose of the University Information Governance and Security Group is to 1.2 promote the effective management
More informationS11 - Implementing IT Governance An Introduction Debra Mallette
S11 - Implementing IT Governance An Introduction Debra Mallette S11 - Introduction to IT Governance Implementation using COBIT and Val IT Speaker: Debra Mallette, CGEIT, CISA, CSSBB Session Objectives
More informationUniversity of St. Gallen Law School Law and Economics Research Paper Series. Working Paper No. 2008-19 June 2007
University of St. Gallen Law School Law and Economics Research Paper Series Working Paper No. 2008-19 June 2007 Enterprise Risk Management A View from the Insurance Industry Wolfgang Errath and Andreas
More informationIT Governance Framework. Western Illinois University. September 2013
IT Governance Framework Western Illinois University September 2013 Developed by: Subcommittee on IT Governance of the University Technology Advisory Group v8.7 2 TABLE OF CONTENTS EXECUTIVE SUMMARY...
More informationENTERPRISE RISK MANAGEMENT POLICY
ENTERPRISE RISK MANAGEMENT Approved by the Audit Committee on 14 February 2003 and adopted by resolution of the Board on 28 March 2003 Revisions approved by the Audit and Risk Committee on 14 February
More informationWelcome to Modulo Risk Manager Next Generation. Solutions for GRC
Welcome to Modulo Risk Manager Next Generation Solutions for GRC THE COMPLETE SOLUTION FOR GRC MANAGEMENT GRC MANAGEMENT AUTOMATION EASILY IDENTIFY AND ADDRESS RISK AND COMPLIANCE GAPS INTEGRATED GRC SOLUTIONS
More informationWebinar: Chart of Accounts Alignment through Information Governance
Webinar: Chart of Accounts Alignment through Information Governance Huron Presenters: Todd Weinstein Alex Vlaisavljevic August 28, 2014 Objectives & Agenda Webinar Objectives: Agenda Discuss the importance
More informationImplementing Practical Information Security Programs
Implementing Practical Information Security Programs CISO Summit March 17-19, 2013 Presented by: David Cass, SVP & Chief Information Security Officer, Elsevier Information Security & Data Protection Office
More informationIntelligent Customer Function (ICF)
CAPABILITY AUDIT FOR HEIs Higher Education Institutions (HEIs) should organically develop their own to successfully manage the process of strategic sourcing. The capability audit provides an assessment
More informationGovernance, Risk, and Compliance (GRC) White Paper
Governance, Risk, and Compliance (GRC) White Paper Table of Contents: Purpose page 2 Introduction _ page 3 What is GRC _ page 3 GRC Concepts _ page 4 Integrated Approach and Methodology page 4 Diagram:
More informationTechnology and Analytics Roadmap Positioning for the Future
Technology and Analytics Roadmap Positioning for the Future ASU Summer Institute July 15, 2015 Suzanne Rabideau, Rabideau Consulting Brian Jung, MSS Technologies www.msstech.com Introductions Background
More information21 st Century Supply Chains (SC21) & BAE Systems Strategic Supply Chain Management
Harnessing Innovation 21 st Century Supply Chains (SC21) & BAE Systems Strategic Supply Chain Management Mike Webb 5 th June 2007 Customer Environment Customers are demanding increasing levels of Performance
More informationFIRST REPUBLIC BANK DIRECTORS ENTERPRISE RISK MANAGEMENT COMMITTEE CHARTER
FIRST REPUBLIC BANK DIRECTORS ENTERPRISE RISK MANAGEMENT COMMITTEE CHARTER PURPOSE: The purpose of the Directors Enterprise Risk Management Committee ( Committee ) is to provide oversight of the enterprise-wide
More informationHow To Manage It Asset Management On Peoplesoft.Com
PEOPLESOFT IT ASSET MANAGEMENT KEY BENEFITS Streamline the IT Asset Lifecycle Ensure IT and Corporate Compliance Enterprise-Wide Integration Oracle s PeopleSoft IT Asset Management streamlines and automates
More informationThe HR Value Proposition
The HR Value Proposition HRINZ Fall 2005 Dave Ulrich 1030 East 300 North Alpine, UT 84004 USA (801) 756-3240/e-mail: dou@umich.edu Please do not duplicate without permission from author. A paper based
More informationPrivacy by Design Setting a new standard for privacy certification
Privacy by Design Setting a new standard for privacy certification Privacy by Design is a framework based on proactively embedding privacy into the design and operation of IT systems, networked infrastructure,
More informationwww.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v8 2-25-14
www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit (4:30-5:30) Draft v8 2-25-14 Common Myths 1. You have not been hacked. 2. Cyber security is about keeping the
More informationIT Governance (Worthwhile Exercise?) January 10, 2013 Presented by Chad Murphy, CISA
IT Governance (Worthwhile Exercise?) January 10, 2013 Presented by Chad Murphy, CISA Things we hear! You are making it much too complex. It is an IT problem! We do not know where to start! We do this already!
More informationNHS Lanarkshire Information Governance Committee
INFORMATION GOVERNANCE COMMITTEE DRAFT TERMS OF REFERENCE Name Purpose NHS Lanarkshire Information Governance Committee To provide direction of and oversee the development of NHS Lanarkshire Information
More informationStatus of Cloud Computing Environments within OPM (Report No. 4A-CI-00-14-028)
MEMORANDUM FOR KATHERINE ARCHULETA Director FROM: SUBJECT: PATRICK E. McFARLAND Inspector General Status of Cloud Computing Environments within OPM (Report No. 4A-CI-00-14-028) The purpose of this memorandum
More informationBoard of Directors Meeting 12/04/2010. Operational Risk Management Charter
Board of Directors Meeting 12/04/2010 Document approved Operational Risk Management Charter Table of contents A. INTRODUCTION...3 I. Background...3 II. Purpose and Scope...3 III. Definitions...3 B. GOVERNANCE...4
More informationPrinciples for An. Effective Risk Appetite Framework
Principles for An Effective Risk Appetite Framework 18 November 2013 Table of Contents Page I. Introduction... 1 II. Key definitions... 2 III. Principles... 3 1. Risk appetite framework... 3 1.1 An effective
More informationRecommendation for IT Governance Using the COBIT 4.1 Framework
Recommendation for IT Governance Using the COBIT 4.1 Framework William F. Slater, III, MBA, M.S., PMP, CISSP, CISA Week 7 Assignment CYBR 615 Cybersecurity Governance and Compliance January 27, 2013 January
More informationIntegrating Corporate Governance and Operational Risk Management
PVA International, Inc. 2005 Enterprise Risk Management Symposium Integrating Corporate Governance and Operational Risk Management Operational Risk Tools and Techniques Session (D5) Presented By Peter
More informationStrategic Plan. Page 1 of 6
Strategic Plan The following represents the current AACE International Strategic Plan as approved by the Board of Directors at our meeting in April 2014 in Chicago, IL. The Strategic Plan is organized
More informationFFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors
Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed
More informationMBA Curriculum Alignment Matrices California State University, Sacramento
MBA 1.1 Communication Skills MBA 1.2 Goal Setting MBA 1.3 Strategy Formulation ECON 204 Lecture; required presentations; graded group activities; short essays on the exams Lecture; in-class activities;
More informationAre You Ready to Implement the Legal Entity Identifier?
Are You Ready to Implement the Legal Entity Identifier? A Practical Strategy and Plan A whitepaper by First San Francisco Partners 2013 Copyright First San Francisco Partners Demystifying Legal Entity
More informationDo you know your privacy risks? How new technologies, changing business models, and emerging regulations are changing the data-protection landscape
January 2013 Do you know your privacy risks? How new technologies, changing business models, and emerging regulations are changing the data-protection landscape At a glance Threats to data security both
More informationProcurement Reporting - OBIEE
UC BERKELEY Procurement Reporting - OBIEE Project Charter Tracey Bolton 9/7/2011 0 P age Version 3 Project Name: Prepared by: EDW Procurement Reporting Project Tracey Bolton Date (MM/DD/YYYY): 08/4/2011
More informationEnterprise Security Architecture
Enterprise Architecture -driven security April 2012 Agenda Facilities and safety information Introduction Overview of the problem Introducing security architecture The SABSA approach A worked example architecture
More informationA Flexible and Comprehensive Approach to a Cloud Compliance Program
A Flexible and Comprehensive Approach to a Cloud Compliance Program Stuart Aston Microsoft UK Session ID: SPO-201 Session Classification: General Interest Compliance in the cloud Transparency Responsibility
More informationTHE IMPACT OF SECURITY ON APPLICATION DEVELOPMENT
THE IMPACT OF SECURITY ON APPLICATION DEVELOPMENT 2 EXECUTIVE SUMMARY The growth of enterprise-developed applications has made it easier for businesses to use technology to work more efficiently and productively.
More informationFoundation. Summary. ITIL and Services. Services - Delivering value to customers in the form of goods and services - End-to-end Service
ITIL ITIL Foundation Summary ITIL and s Design s - Delivering value to customers in the form of goods and services - End-to-end ITIL Best Practice - Scalable and not prescriptive - Gathered from Users,
More informationHow To Improve Your Business
IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends
More informationRISK AND COMPLIANCE COMMITTEE CHARTER
1. GENERAL SCOPE AND AUTHORITY 1.1 Introduction This charter governs the operations of the Risk & Compliance Committee of Redflex Holdings Limited (RHL or Company). 1.2 Purpose The Risk & Compliance Committee
More informationSUMMARY OF POSITION ROLE/RESPONSIBILITIES:
SUMMARY OF POSITION ROLE/RESPONSIBILITIES: Reporting to the Senior Vice President for Administration, this position is responsible for ensuring that the University of Florida, in its entirety, is compliant
More informationThe Bulletin. Is Your Compliance Management Making a Difference? The Present State of Compliance. Volume 4, Issue 10
The Bulletin Volume 4, Issue 10 Is Your Compliance Management Making a Difference? Compliance management consists of the organization s policies and processes for adhering to applicable laws and regulations.
More informationIT Service Management. The Role of Service Request Management
RL Consulting IT Service Management The Role of Service Request Management Prepared by: Rick Leopoldi June 1, 2007 Copyright 2001-2007. All rights reserved. Duplication of this document or extraction of
More informationConfident in our Future, Risk Management Policy Statement and Strategy
Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents
More informationING Group Compliance Risk Management Charter and Framework
ING Group Compliance Risk Management Charter and Framework Corporate Compliance Risk Management ING GROUP COMPLIANCE RISK MANAGEMENT CHARTER AND FRAMEWORK Information sheet Target audience: All employees
More information5 TIPS FOR MAXIMIZING THE VALUE OF YOUR SECURITY ASSESSMENT
5 5 TIPS FOR MAXIMIZING THE VALUE OF YOUR SECURITY ASSESSMENT 1 Anatomy of a Security Assessment With data breaches making regular headlines, it s easy to understand why information security is critical.
More informationVendor Management Program Office Onshore or offshore?
Vendor Management Program Office Onshore or offshore? Deloitte s previous article 1 discusses the five most common challenges which have prohibited clients from optimizing their Vendor Management (VM)
More informationInnovations in Outsourcing: The Microsoft Experience. Case Study
Innovations in Outsourcing: The Microsoft Experience Case Study Prepared by Dr. Beena George, Ph.D, Associate Professor at The University of St. Thomas GEO IAOP s Global Excellence in Outsourcing Award
More informationDeveloping a Proactive Compliance Monitoring Program
Developing a Proactive Compliance Monitoring Program Ed Nowicki Deputy Compliance Officer Corporate Compliance Pfizer Inc Lori Alarimo Senior Corporate Counsel Promotional Quality Assurance Pfizer Inc
More informationDepartment of Technology Services
Department of Technology Services 2016-2019 Strategic Plan DTS Dept. of Technology Services Utah Code 63F- 1-203 explicitly requires the Chief Information Officer (CIO) to prepare an executive branch strategic
More informationCONSULTING IMAGE PLACEHOLDER
CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization
More informationSTREAM Cyber Security
STREAM Cyber Security Management Software Governance, Risk Management & Compliance (GRC) Security Operations, Analytics & Reporting (SOAR) Fast, flexible, scalable, easy to use and affordable software
More informationAligning Compliance Program Priorities with Business Objectives
Aligning Compliance Program Priorities with Business Objectives By Jay G. Martin Vice President, Chief Compliance Officer and Senior Deputy General Counsel Baker Hughes Incorporated CAIL Institute for
More informationTying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation
Tying It All Together: Practical ERM Integration Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation November 16, 2007 1 Agenda Basis for ERM Integration ERM Objectives ERM Focus
More informationThe Risk Management strategy sets out the framework that the Council has established.
Derbyshire County Council Management Policy Statement The Authority adopts a proactive approach to Management to achieve Best Value and continuous improvement and is committed to the effective management
More informationPEOPLESOFT IT ASSET MANAGEMENT
PEOPLESOFT IT ASSET MANAGEMENT K E Y B E N E F I T S Streamline the IT Asset Lifecycle Ensure IT and Corporate Compliance Enterprise-Wide Integration P E O P L E S O F T F I N A N C I A L M A N A G E M
More informationKey USP s. Multiple PCI level GRC tool
PCI GRC tool Introduction GP history Visa level 1 approved hosting facility Niche product for a specific problem Reduce BAU cost and cost of PCI compliance Reduce cost in managing 3rd parties PCI stakeholder
More informationRisk management and the transition of projects to business as usual
Advisory Risk management and the transition of projects to business as usual Financial Services kpmg.com 2 Risk Management and the Transition of Projects to Business as Usual Introduction Today s banks,
More informationAdding Cloud Solutions to Customer Contracts Robert J. Scott
Adding Cloud Solutions to Customer Contracts Robert J. Scott MSP vs. Cloud Who owns the hardware? Where does the data reside? Dedicated vs. Multi tenant? Who contracts with 3 rd parties? How are services
More informationUnderstanding and articulating risk appetite
Understanding and articulating risk appetite advisory Understanding and articulating risk appetite Understanding and articulating risk appetite When risk appetite is properly understood and clearly defined,
More informationOperations. Group Standard. Business Operations process forms the core of all our business activities
Standard Operations Business Operations process forms the core of all our business activities SMS-GS-O1 Operations December 2014 v1.1 Serco Public Document Details Document Details erence SMS GS-O1: Operations
More informationHP and netforensics Security Information Management solutions. Business blueprint
HP and netforensics Security Information Management solutions Business blueprint Executive Summary Every day there are new destructive cyber-threats and vulnerabilities that may limit your organization
More informationOperational Risk Management - The Next Frontier The Risk Management Association (RMA)
Operational Risk Management - The Next Frontier The Risk Management Association (RMA) Operational risk is not new. In fact, it is the first risk that banks must manage, even before they make their first
More informationAgile Governance. Appropriate oversight for the Agile organisation. Chris Davies AXA Personal Lines Insurance. Andrew Craddock Partner - nlighten
Appropriate oversight for the Agile organisation Andrew Craddock Partner - nlighten Chris Davies AXA Personal Lines Insurance Governance Corporate Governance the set of processes, customs, policies, laws,
More informationStrategic Plan. Valid as of January 1, 2015
Strategic Plan Valid as of January 1, 2015 SBP 00001(01/2015) 2015 City of Colorado Springs on behalf of Colorado Springs Page 1 of 14 INTRODUCTION Integrated and long-term strategic, operational and financial
More informationA CPA recounts exponential growth in Compliance. Mary Ellen McLaughlin
Compliance TODAY September 2015 a publication of the health care compliance association www.hcca-info.org A CPA recounts exponential growth in Compliance an interview with Patricia Bickel Compliance and
More information