Addressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations
|
|
- Bruno Patterson
- 4 years ago
- Views:
Transcription
1 White Paper September 2009 Addressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations
2 Page 2 Contents 2 Executive summary 2 Negotiating a complex and dynamic regulatory and audit landscape 4 Managing compliance in five key areas 11 Realizing business benefits 11 For more information 12 About Tivoli software from IBM Executive summary Effective IT governance, risk and compliance (GRC) is essential for financial services organizations to meet increasingly stringent regulatory and audit requirements and reduce business operational risk. By instituting the appropriate IT GRC controls, organizations can demonstrate regulatory compliance in areas of specific concern to auditors. At the same time, these controls can take organizations beyond the immediate need to pass an audit and into the realm of reduced operational risk exposure through process improvements. IBM offers extensive capabilities through its IBM Tivoli and IBM Rational software offerings to help financial services organizations deal with specific regulatory and audit requirements, as well as with issues affecting long-term, ongoing risk management. Negotiating a complex and dynamic regulatory and audit landscape In practical terms, meeting every set of regulatory and audit requirements is a tremendous undertaking, given the number and scope of regulations that financial services organizations face, and the multitude of controls that must be put into place to comply with these regulations and to pass audits (see Figure 1). Not all organizations must conform to all of the regulations, however, or institute every possible control; it depends on a number of factors, including the jurisdiction in which a company operates and the type of business it conducts. For example, SB 1386 is a law that applies only to companies that have customers or employees in California. And HIPAA, or the
3 Page 3 Health Insurance Portability and Accountability Act, is a U.S. healthcare industry-specific law whose requirements apply only to financial services companies that are engaged in business that touches on healthcare and health information. Meeting regulatory requirements is a challenge that requires financial services organizations to have multiple combinations of IT controls in place.
4 Page 4 Regulatory compliance presents a daunting challenge involving multiple sets of requirements and varying combinations of controls to enable and demonstrate compliance. Simply passing an audit does not necessarily mean an organization is effectively managing operational risk only that the organization is capable of passing the audit. Although it s true that all regulations do not necessarily apply to all organizations, regulatory compliance still presents a daunting challenge involving multiple sets of requirements and varying combinations of controls to enable and demonstrate compliance. Furthermore, the already-crowded regulatory landscape is only going to grow more so. Another wave of regulation is emerging as the result of recent financial upheavals, and legislative bodies are already implementing new rules governing the financial services industry worldwide. Financial services organizations must be prepared to meet the additional regulatory and audit requirements that will arise. Managing compliance in five key areas To address concerns about complying with regulations and passing audits, financial services organizations should recognize that there are generally five key areas in which auditors will seek evidence that an organization has effective IT controls in place (see Figure 2). Organizations must demonstrate effective controls in all five categories to pass regulatory compliance and IT audits. And beyond the immediate need to pass an audit, having effective controls in place in these areas also provides a strong information foundation for operational risk management and reporting, to help address ongoing business risk. This is important because simply passing an audit does not necessarily mean an organization is effectively managing risk only that the organization is capable of passing the audit. To pass audits and effectively manage operational risk requires a proactive GRC infrastructure.
5 Page 5 Category Access Segregation of duty Change management IT operations Application development IT governance and risk compliance audit classification Examples Physical security Logical security Identity access management Roles Access rights Asset management Version control Provisioning Service management Incident management Batch support Backup/restore Network Infrastructure management Software development lifecycle support User acceptance testing Unit testing Financial services organizations must demonstrate effective controls in five major categories in order to pass regulatory compliance and IT audits. The remainder of this paper describes each of the five categories in detail and presents examples of financial services organizations that have successfully addressed them using IBM solutions. Access to sensitive information must be protected both on a physical (systems) level and on a logical (data) level. Access Controlling access to information appropriately is an important component of compliance because so many regulations address the privacy and security of sensitive data. For example, in the U.S., the Gramm-Leach-Bliley Act includes provisions to protect consumers personal financial information held by financial institutions. Controlling access is challenging not only because of the
6 Page 6 number of regulations, but also because of the number of different types of IT systems, networks, applications and data formats that may exist across an organization. Access to sensitive information must be protected both on a physical (systems) level and on a logical (data) level. IBM offers a number of different capabilities to address data protection, focusing particularly on access management. These capabilities are designed to ensure that people who require legitimate access to information have it when they need it, and that people who should not have access do not, as well as to demonstrate appropriate access to auditors. IBM solutions help ensure that access policies are congruent at the business, architectural and IT operational levels. They are designed to enable centralized management of access policies, to minimize inconsistencies and errors that can result from attempting to manage them at multiple points. A large South American bank is using IBM solutions to securely manage the entire customer access lifecycle, from account creation to termination. To meet access management needs, a large retail banking operation in South America deployed a solution that brings together IBM Tivoli Access Manager, IBM Tivoli Directory Integrator, and IBM Tivoli Identity Manager. Using these products in combination with an IBM Service Management solution for security, the bank is able to securely manage the entire customer access lifecycle, from account creation to termination. The solution improves access control by automatically identifying and removing orphan accounts and by providing greater accountability and auditing associated with password usage. It also improves governance by simplifying compliance reporting. The result is an environment in which controls are in place not just to demonstrate that the bank is conforming to regulatory requirements for keeping information private, but also to ensure that the privacy of that information is maintained on an ongoing basis.
7 Page 7 Identity and access management solutions such as Tivoli Identity Manager enable IT administrators to avoid issues related to separation of duty by provisioning users and managing roles methodically and efficiently. Segregation of duty Segregation of duty is an aspect of access control that constitutes a key requirement of the Sarbanes-Oxley Act of 2002 and similar laws outside of the U.S. Segregation of duty refers to the need to make sure that no one person performs multiple duties or fills multiple roles in such a way as to constitute a conflict that could compromise the integrity of business data. For example, someone who is responsible for issuing purchase orders should not also be responsible for issuing checks. After a merger in the financial services industry, there may be confusion about user roles if a teller is called an associate teller in one bank and an assistant teller in the other, for example which could lead to a lack of clarity about which privileges are appropriate for an individual based on his or her role. This lack of clarity puts the organization at greater risk for failure to segregate duties appropriately. Identity and access management solutions such as Tivoli Identity Manager enable IT administrators to avoid issues related to separation of duty by provisioning users and managing roles methodically and efficiently. An international bank based in Australia has integrated IBM Tivoli software into its IBM WebSphere portal application infrastructure, using capabilities for identity and access management to improve access to bank resources. The organization addresses segregation of duty and other access concerns by providing employees with appropriate access to different applications based on their roles. The software also improves employee productivity by enabling users to gain access to those applications, when they need to, without having to enter different passwords or be reauthenticated. IBM provides a process-automation engine for facilitating change management, helping to ensure that changes to the IT infrastructure are executed with minimal risk. Change management Operational risk is an inevitable consequence of change, but this risk can be reduced or managed in the IT environment with the right change management controls in place. Change management provides a methodical way of accommodating inevitable change in the IT infrastructure so that any associ-
8 Page 8 IBM helped a Swiss financial services company streamline their change management processes, resulting in the consolidation of 40 distinct change processes into one. Asserting appropriate controls over IT operations helps financial services organizations make sure that systems and networks are running properly and that data is protected against the risk of compromise due to operational failures. ated risk is minimized. IBM provides a process-automation engine for this purpose. When change is introduced, the IBM solution automatically ensures that the necessary tasks occur on time and as planned. This approach reduces the chance of errors or oversights in the change process that could create business operational and compliance risks by compromising operations or security. A Swiss financial services company turned to IBM to help streamline their change management processes. IBM s solution for the company consolidated 40 change processes into one, using IBM Rational Method Composer, IBM Tivoli Change and Configuration Management Database (CCMDB), IBM Tivoli Release Process Manager, IBM Tivoli Provisioning Manager and IBM Tivoli Asset Management for IT software. These integrated Rational and Tivoli solutions enabled the firm to move away from a siloed, manual approach. As a result, the company has both reduced operational risk by improving its governance of service management and reduced compliance risk by enhancing its ability to address regulatory requirements. IT operations Asserting appropriate controls over IT operations helps financial services organizations make sure that systems and networks are running properly and that data is protected against the risk of compromise due to operational failures. By ensuring proper operations, the organization protects itself against both business operational risk and compliance risk. Historically, banks have used past loss data as the foundation for reducing the chances of operational failure. However, quantitative impact studies by banking regulators indicate that continuous, automated monitoring is more beneficial than the study of past data as a means of preventing future problems.1,2 IBM helps financial services organizations keep IT operations running smoothly by providing
9 Page 9 IBM helped one financial institution establish a Command Center to maximize service availability and performance, resulting in the prevention of roughly 500 service disruptions. technology and services to comprehensively monitor IT events, report on event cause-and-effect, and track the business operations impact of IT events and delivering critical information directly to the desktop through customizable dashboard views. As part of one financial institution s initiative to maximize service availability and performance, IBM worked with the company to establish a Command Center from which to monitor services delivery and interdict service disruptions. The Command Center leverages IBM Tivoli application monitoring tools to reduce the risk of disruptions and remediate performance issues related to critical business processes. In its first year of operations, the Command Center prevented roughly 500 service disruptions. In addition, it enabled the institution to identify and deliver 26 availability and quality improvement recommendations. Application development As regulatory change continues, IT organizations must respond by assessing applications to determine whether they comply with evolving regulatory requirements and then, most likely, modifying them to meet those requirements. Even if many of a financial services organization s applications are from third parties, it remains the responsibility of the organization to ensure compliance when those applications change or are replaced by new ones. IBM Rational AppScan software can be a valuable tool in testing applications to ensure their integrity before rolling them out in a real-world production environment. One asset servicing organization leveraged this software in its efforts to create new securities-transaction applications that incorporate more rigorous security practices. The company was able to use IBM Rational AppScan software to identity, analyze and remediate security issues from development through deployment.
10 Page 10 One of the most important concerns for IT is to smooth the path between application development and deployment, to ensure not only that the software is fully tested and fixed in development but also that it runs smoothly in production. One of the most important concerns for IT is to smooth the path between application development and deployment, to ensure not only that the software is fully tested and fixed in development but also that it runs smoothly in production. Figure 3 shows how IBM Tivoli software and IBM Rational software work together to help bridge the gap between development and operations. Essentially, having both of these resources enables organizations to successfully perform application testing and fixes during development, using Rational AppScan software, and then to integrate those efforts into the production environment with IBM Tivoli change management software and other tools. The integrated environment enables the two areas to work together seamlessly and cost-efficiently. IBM Tivoli and IBM Rational software work together to bridge the gap between development and operations.
11 Page 11 Realizing business benefits The benefits of instituting IT controls to address the five major areas of concern to auditors extend beyond the ability to comply with regulatory requirements or to pass an audit. The IBM solutions described in this paper deliver IT GRC business benefits on several levels. Reduce compliance and audit costs. IBM solutions help reduce the costs of regulatory compliance and audits by providing improved monitoring and oversight to management, and by improving regulatory compliance reporting. This can lead to better risk ratings. Reduce operational risk exposure. IBM solutions can help reduce operational risk exposure by providing key measures for risk and controls matrices assessments. They can improve business performance by identifying gaps and failing processes that need to be addressed. Reduce the cost of IT operations. IBM solutions can help reduce the overall cost of operations by providing an effective feedback loop between the development and operations components of IT, so that the two organizations can work together more efficiently and effectively to reduce operational risk exposure. For more information To learn more about Tivoli and Rational solutions to help address IT GRC requirements in your financial services organization, contact your IBM representative or IBM Business Partner, or visit ibm.com/tivoli and ibm.com/rational.
12 About Tivoli software from IBM Tivoli software offers a service management platform for organizations to deliver quality service by providing visibility, control and automation visibility to see and understand the workings of their business; control to effectively manage their business, help minimize risk and protect their brand; and automation to help optimize their business, reduce the cost of operations and deliver new services more rapidly. Unlike IT-centric service management, Tivoli software delivers a common foundation for managing, integrating and aligning both business and technology requirements. Tivoli software is designed to quickly address an organization s most pressing service management needs and help proactively respond to changing business demands. The Tivoli portfolio is backed by world-class IBM Services, IBM Support and an active ecosystem of IBM Business Partners. Tivoli clients and Business Partners can also leverage each other s best practices by participating in independently run IBM Tivoli User Groups around the world visit Copyright IBM Corporation 2009 IBM Corporation Software Group Route 100 Somers, NY U.S.A. Produced in the United States of America September 2009 All Rights Reserved IBM, the IBM logo, ibm.com, Tivoli and Rational are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol ( or ), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at Copyright and trademark information at ibm.com/legal/copytrade.shtml Other company, product and service names may be trademarks or service marks of others. References in this publication to IBM products and services do not imply that IBM intends to make them available in all countries in which IBM operates. The customer is responsible for ensuring compliance with legal requirements. It is the customer s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation. 1 Bies, Susan Schmidt, Linkages between internal capital measures and regulatory capital requirements. Speech given at the International Center for Business Information s Risk Management Conference: Basel Summit, Geneva, Switzerland, December 6, / /default.htm 2 Qualitative Impact Studies, Basel Committee on Banking Supervision. No part of this document may be reproduced or transmitted in any form without written permission from IBM Corporation. Product data has been reviewed for accuracy as of the date of initial publication. Product data is subject to change without notice. Any statements regarding IBM s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. THE INFORMATION PROVIDED IN THIS DOCUMENT IS DISTRIBUTED AS IS WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IBM EXPRESSLY DISCLAIMS ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements (e.g. IBM Customer Agreement, Statement of Limited Warranty, International Program License Agreement, etc.) under which they are provided. TIW14039-USEN-00
White paper December 2008. Addressing single sign-on inside, outside, and between organizations
White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli
IBM Tivoli Netcool network management solutions for enterprise
IBM Netcool network management solutions for enterprise The big picture view that focuses on optimizing complex enterprise environments Highlights Enhance network functions in support of business goals
Service management White paper. Manage access control effectively across the enterprise with IBM solutions.
Service management White paper Manage access control effectively across the enterprise with IBM solutions. July 2008 2 Contents 2 Overview 2 Understand today s requirements for developing effective access
IBM asset management solutions White paper. Using IBM Maximo Asset Management to manage all assets for hospitals and healthcare organizations.
IBM asset management solutions White paper Using IBM Maximo Asset Management to manage all assets for hospitals and healthcare organizations. September 2007 2 Contents 2 Executive summary 3 Introduction
IBM Maximo Asset Management Essentials
Enterprise asset capabilities for small and midsized organizations IBM Maximo Asset Essentials Highlights Leverage enterprise asset capabilities in a package specifically designed for small and midsized
White paper December 2008. IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview
White paper December 2008 IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview Page 2 Contents 2 Executive summary 2 The enterprise access challenge 3 Seamless access to applications 4
Reduce your data storage footprint and tame the information explosion
IBM Software White paper December 2010 Reduce your data storage footprint and tame the information explosion 2 Reduce your data storage footprint and tame the information explosion Contents 2 Executive
White paper September 2009. Realizing business value with mainframe security management
White paper September 2009 Realizing business value with mainframe security management Page 2 Contents 2 Executive summary 2 Meeting today s security challenges 3 Addressing risks in the mainframe environment
Effective storage management and data protection for cloud computing
IBM Software Thought Leadership White Paper September 2010 Effective storage management and data protection for cloud computing Protecting data in private, public and hybrid environments 2 Effective storage
Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.
Security management White paper Develop effective user management to demonstrate compliance efforts and achieve business value. September 2008 2 Contents 2 Overview 3 Understand the challenges of user
Empowering intelligent utility networks with visibility and control
IBM Software Energy and Utilities Thought Leadership White Paper Empowering intelligent utility networks with visibility and control IBM Intelligent Metering Network Management software solution 2 Empowering
Easily deploy and move enterprise applications in the cloud
Easily deploy and move enterprise applications in the cloud IBM PureApplication solutions offer a simple way to implement a dynamic hybrid cloud environment 2 Easily deploy and move enterprise applications
IBM Tivoli Netcool network management solutions for SMB
IBM Netcool network management solutions for SMB An integrated approach enhances IT as it supports business needs for the SMB environment Highlights Automate management tasks to reduce IT workload and
Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.
Security management solutions White paper IBM Tivoli and Consul: Facilitating security audit and March 2007 2 Contents 2 Overview 3 Identify today s challenges in security audit and compliance 3 Discover
IBM Tivoli Netcool Configuration Manager
IBM Netcool Configuration Manager Improve organizational management and control of multivendor networks Highlights Automate time-consuming device configuration and change management tasks Effectively manage
Driving workload automation across the enterprise
IBM Software Thought Leadership White Paper October 2011 Driving workload automation across the enterprise Simplifying workload management in heterogeneous environments 2 Driving workload automation across
IBM Tivoli Storage Manager for Virtual Environments
IBM Storage Manager for Virtual Environments Non-disruptive backup and instant recovery: Simplified and streamlined Highlights Simplify management of the backup and restore process for virtual machines
Effective Storage Management for Cloud Computing
IBM Software April 2010 Effective Management for Cloud Computing April 2010 smarter storage management Page 1 Page 2 EFFECTIVE STORAGE MANAGEMENT FOR CLOUD COMPUTING Contents: Introduction 3 Cloud Configurations
Realizing business flexibility through integrated SOA policy management.
SOA policy management White paper April 2009 Realizing business flexibility through integrated How integrated management supports business flexibility, consistency and accountability John Falkl, distinguished
Overcoming challenges of asset management amid declining federal budgets
IBM Software Government Thought Leadership White Paper Overcoming challenges of asset management amid declining federal budgets Extending government infrastructure life cycles with IBM Maximo solutions
Optimizing government and insurance claims management with IBM Case Manager
Enterprise Content Management Optimizing government and insurance claims management with IBM Case Manager Apply advanced case management capabilities from IBM to help ensure successful outcomes Highlights
CA HalvesThe Cost Of Testing IT Controls For Sarbanes-Oxley Compliance With Unified Processes.
TECHNOLOGY BRIEF: REDUCING COST AND COMPLEXITY WITH GLOBAL GOVERNANCE CONTROLS CA HalvesThe Cost Of Testing IT Controls For Sarbanes-Oxley Compliance With Unified Processes. Table of Contents Executive
IBM Software Integrated Service Management: Visibility. Control. Automation.
IBM Software Integrated Service Management: Visibility. Control. Automation. Enabling service innovation 2 Integrated Service Management: Visibility. Control. Automation. Every day, the world is becoming
Achieve greater efficiency in asset management by managing all your asset types on a single platform.
Asset solutions To support your business objectives Achieve greater efficiency in asset by managing all your asset types on a single platform. When you use Maximo Asset Management to help maximize the
BLACKICE ERA and PureData System for Analytics
BLACKICE ERA and PureData System for Analytics Address new and evolving regulations and best practices Highlights Utilize 120+ best practices reports in Cognos and Excel; prepackaged and complete with
Implement security solutions that help protect your IT systems and facilitate your On Demand Business initiatives.
Security solutions To support your business objectives Implement security solutions that help protect your IT systems and facilitate your On Demand Business initiatives. For an On Demand Business, security
Strengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
IBM Software Cloud service delivery and management
IBM Software Cloud service delivery and management Rethink IT. Reinvent business. 2 Cloud service delivery and management Virtually unparalleled change and complexity On this increasingly instrumented,
Unified management supports the convergence of healthcare assets
IBM Software Thought Leadership White Paper September 2011 Unified management supports the convergence of healthcare assets IBM Maximo Asset Management addresses patient care, facilities and technology
How To Understand And Implement Pas 55
White Paper June 2009 Enabling the benefits of PAS 55: The new standard for asset management in the industry Page 2 Contents 2 Introduction 2 The PAS 55 asset management standard 4 The scope of PAS 55
Strategies for assessing cloud security
IBM Global Technology Services Thought Leadership White Paper November 2010 Strategies for assessing cloud security 2 Securing the cloud: from strategy development to ongoing assessment Executive summary
An Oracle White Paper January 2010. Access Certification: Addressing & Building on a Critical Security Control
An Oracle White Paper January 2010 Access Certification: Addressing & Building on a Critical Security Control Disclaimer The following is intended to outline our general product direction. It is intended
Reducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
IBM Rational AppScan: enhancing Web application security and regulatory compliance.
Strategic protection for Web applications To support your business objectives IBM Rational AppScan: enhancing Web application security and regulatory compliance. Are untested Web applications putting your
IBM Tivoli Endpoint Manager for Lifecycle Management
IBM Endpoint Manager for Lifecycle Management A single-agent, single-console approach for endpoint management across the enterprise Highlights Manage hundreds of thousands of endpoints regardless of location,
Provide access control with innovative solutions from IBM.
Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business
IBM Security Privileged Identity Manager helps prevent insider threats
IBM Security Privileged Identity Manager helps prevent insider threats Securely provision, manage, automate and track privileged access to critical enterprise resources Highlights Centrally manage privileged
IBM Cognos Controller
IBM Cognos Controller Accurate, auditable close, consolidation and reporting in a solution managed by the office of finance Highlights Provides all close, consolidation and reporting capabilities Automates
IBM Maximo Asset Management solutions for the oil and gas industry
IBM Software Oil and Gas IBM Maximo Asset solutions for the oil and gas industry Helping oil and gas companies achieve operational excellence 2 IBM Maximo Asset solutions for the oil and gas industry Highlights
IBM Tivoli Service Request Manager
Deliver high-quality services while helping to control cost IBM Tivoli Service Request Manager Highlights Streamline incident and problem management processes for more rapid service restoration at an appropriate
Improve business agility with WebSphere Message Broker
Improve business agility with Message Broker Enhance flexibility and connectivity while controlling costs and increasing customer satisfaction Highlights Leverage business insight by dynamically enriching
For healthcare, change is in the air and in the cloud
IBM Software Healthcare Thought Leadership White Paper For healthcare, change is in the air and in the cloud Scalable and secure private cloud solutions can meet the challenges of healthcare transformation
IBM Tivoli Remote Control
Robust remote desktop management across the enterprise IBM Tivoli Remote Control Highlights Enables organizations to Supports Federal Desktop Core remotely manage thousands of Configuration (FDCC) and
IBM Tivoli Netcool network management solutions for VoIP
IBM Netcool network management solutions for VoIP Putting service providers on the path to fulfilling the promises of VoIP Highlights Proactively manage the VoIP infrastructure to help avoid problems and
Real-time asset location visibility improves operational efficiencies
Real-time asset location visibility improves operational efficiencies Offering smart capabilities for asset tracking to dramatically improve efficiency and lower cost Highlights Improve asset utilization
Understanding the real risk for asset-intensive companies
IBM Software Thought Leadership White Paper December 2011 Understanding the real risk for asset-intensive companies Five myths behind the value of ERP solutions as an asset management tool 2 Understanding
Implement a unified approach to service quality management.
Service quality management solutions To support your business objectives Implement a unified approach to service quality management. Highlights Deliver high-quality software applications that meet functional
Asset management for local government
IBM Software Government Thought Leadership White Paper Asset management for local government Achieving unified enterprise asset management with IBM Maximo software 2 Asset management for local government
IBM Tivoli Endpoint Manager for Security and Compliance
IBM Endpoint Manager for Security and Compliance A single solution for managing endpoint security across the organization Highlights Provide up-to-date visibility and control from a single management console
IBM Tivoli Endpoint Manager for Lifecycle Management
IBM Endpoint Manager for Lifecycle Management A single-agent, single-console approach for endpoint management across the enterprise Highlights Manage hundreds of thousands of endpoints regardless of location,
Preemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
Gain a competitive edge through optimized B2B file transfer
Gain a competitive edge through optimized B2B file transfer Contents: 1 Centralized systems enable business success 2 Business benefits of strategic file transfer that you can experience for yourself 2
Minimizing code defects to improve software quality and lower development costs.
Development solutions White paper October 2008 Minimizing code defects to improve software quality and lower development costs. IBM Rational Software Analyzer and IBM Rational PurifyPlus software Kari
IBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Collect network security device configuration data to
IBM Endpoint Manager for Core Protection
IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,
IBM Unstructured Data Identification and Management
IBM Unstructured Data Identification and Management Discover, recognize, and act on unstructured data in-place Highlights Identify data in place that is relevant for legal collections or regulatory retention.
When millions need access: Identity management in an increasingly connected world
IBM Software Thought Leadership White Paper January 2011 When millions need access: Identity management in an increasingly connected world Best practice solutions that scale to meet today s huge numbers
Four keys to effectively monitor and control secure file transfer
Four keys to effectively monitor and control secure file transfer Contents: 1 Executive summary 2 Key #1 Make your data visible wherever it is in the network 2 Key #2 Reduce or even eliminate ad hoc use
Maximizing Cross-Platform Application Availability
June 2005 Maximizing Cross-Platform Application Availability Robert Kennedy, SCM Product Manager Karen Wade, SCM Product Marketing Manager Page 2 Contents 2 The challenges of change in complex computing
IBM Policy Assessment and Compliance
IBM Policy Assessment and Compliance Powerful data governance based on deep data intelligence Highlights Manage data in-place according to information governance policy. Data topology map provides a clear
Automated, centralized management for enterprise servers
IBM Software Thought Leadership White Paper February 2012 Automated, centralized management for enterprise servers Servers present unique management challenges but IBM Endpoint Manager is up to the job
Reaping the rewards of your serviceoriented architecture infrastructure
IBM Global Services September 2008 Reaping the rewards of your serviceoriented architecture infrastructure How real-life organizations are adding up the cost savings and benefits Executive summary Growing
Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.
Security solutions To support your IT objectives Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services. Highlights Balance effective security with
Continuing the MDM journey
IBM Software White paper Information Management Continuing the MDM journey Extending from a virtual style to a physical style for master data management 2 Continuing the MDM journey Organizations implement
IBM InfoSphere Information Server Ready to Launch for SAP Applications
IBM Information Server Ready to Launch for SAP Applications Drive greater business value and help reduce risk for SAP consolidations Highlights Provides a complete solution that couples data migration
Select the right configuration management database to establish a platform for effective service management.
Service management solutions Buyer s guide: purchasing criteria Select the right configuration management database to establish a platform for effective service management. All business activities rely
IBM Tealeaf solutions
IBM Software Industry Solutions IBM Tealeaf solutions Empowering e-business with pioneering Customer Experience Management solutions IBM Tealeaf solutions IBM Tealeaf solutions are designed to help companies
Achieving business agility and cost optimization by reducing IT complexity. The value of adding ESB enrichment to your existing messaging solution
Smart SOA application integration with WebSphere software To support your business objectives Achieving business agility and cost optimization by reducing IT complexity. The value of adding ESB enrichment
Move beyond monitoring to holistic management of application performance
Move beyond monitoring to holistic management of application performance IBM SmartCloud Application Performance Management: Actionable insights to minimize issues Highlights Manage critical applications
Information Management Configuring External Storage for Archive and Backup
Information Management Configuring External Storage for Archive and Backup InfoSphere Guardium Technical Document Contents 1.FTP AND SCP...3 2.TSM AND EMC CENTERA...3 2 1. FTP and SCP FTP and SCP external
ORACLE HYPERION DATA RELATIONSHIP MANAGEMENT
Oracle Fusion editions of Oracle's Hyperion performance management products are currently available only on Microsoft Windows server platforms. The following is intended to outline our general product
Stay ahead of insiderthreats with predictive,intelligent security
Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent
IBM Security QRadar Vulnerability Manager
IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk
System Security and Auditing for IBM i
IBM Systems Lab Services and Training Power Services System Security and Auditing for IBM i Security breach prevention and protection 2 System Security and Auditing for IBM i Highlights Reduce the risk
Contract management's effect on in house counsel
IBM Software Industry Solutions Industry/Product Identifier Contract management's effect on in house counsel Impacting contract visibility, analysis and compliance Emptoris Contract Management Solutions
IBM Software. IBM TRIRIGA: The power of true integration in workplace management solutions
IBM Software IBM TRIRIGA: The power of true integration in workplace management solutions 2 IBM TRIRIGA: The power of true integration in workplace management solutions Introduction In today s increasingly
IBM InfoSphere: Solutions for retail
IBM Software Solution Brief IBM InfoSphere: Solutions for retail Build a single view of customer information and a trusted source for product information with data integration and master data management
Address IT costs and streamline operations with IBM service request and asset management solutions.
Service management solutions To support your IT objectives Address IT costs and streamline operations with IBM service request and asset management solutions. Highlights Help service desk technicians become
Software asset management White paper. Improving IT service delivery through an integrated approach to software asset management.
Software asset management White paper Improving IT service delivery through an integrated approach to software asset management. September 2008 2 Contents 2 Introduction 3 The challenges of managing software
IBM SmartCloud Monitoring
IBM SmartCloud Monitoring Gain greater visibility and optimize virtual and cloud infrastructure Highlights Enhance visibility into cloud infrastructure performance Seamlessly drill down from holistic cloud
An integrated approach to managing today s energy and utility assets
IBM Software Thought Leadership White Paper September 2011 An integrated approach to managing today s energy and utility assets IBM Maximo Asset Management addresses physical, human and technology challenges
Sallie Mae slashes change management costs and complexity with CA SCM
CUSTOMER SUCCESS STORY Sallie Mae slashes change management costs and complexity with CA SCM CUSTOMER PROFILE Industry: Financial services Company: Sallie Mae Customers: 23 million Student loan portfolio:
Life insurance policy administration: Operate efficiently and capitalize on emerging opportunities.
Life insurance policy administration: Operate efficiently and capitalize on emerging opportunities. > RESPOND RAPIDLY TO CHANGING MARKET CONDITIONS > DRIVE CUSTOMER AND AGENT LOYALTY > ENHANCE INTEGRATION
IBM Endpoint Manager for Server Automation
IBM Endpoint Manager for Server Automation Leverage advanced server automation capabilities with proven Endpoint Manager benefits Highlights Manage the lifecycle of all endpoints and their configurations
Security solutions White paper. Succeeding with automated identity management implementations.
Security solutions White paper Succeeding with automated identity management implementations. March 2007 2 Contents 2 Overview 2 Understand how Tivoli Identity Manager addresses security challenges 4 Requirements
IBM Software IBM Business Process Management Suite. Increase business agility with the IBM Business Process Management Suite
IBM Software IBM Business Process Management Suite Increase business agility with the IBM Business Process Management Suite 2 Increase business agility with the IBM Business Process Management Suite We
Extend the value of your service desk and integrate ITIL processes with IBM Tivoli Change and Configuration Management Database.
IBM Service Management solutions and the service desk White paper Extend the value of your service desk and integrate ITIL processes with IBM Tivoli Change and Configuration Management Database. December
Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security,
Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security, streamline compliance reporting, and reduce the overall
Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs
IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government
Open source, commercial software or a coexistence strategy?
Application lifecycle management White paper December 2009 Open source, commercial software or a coexistence strategy? Deciding what s right for your needs Jean Louis Vignaud, senior manager, Rational
Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.
Web application security Executive brief Managing a growing threat: an executive s guide to Web application security. Danny Allan, strategic research analyst, IBM Software Group Contents 2 Introduction
IBM Tivoli Compliance Insight Manager
Facilitate security audits and monitor privileged users through a robust security compliance dashboard IBM Highlights Efficiently collect, store, investigate and retrieve logs through automated log management
Cloud Security Who do you trust?
Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud
Agile enterprise content management and the IBM Information Agenda.
Transforming your content into a trusted, strategic asset Agile enterprise content management and the IBM Information Agenda. Delivering a common information framework for uncommon business agility Highlights
Improving sales effectiveness in the quote-to-cash process
IBM Software Industry Solutions Management Improving sales effectiveness in the quote-to-cash process Improving sales effectiveness in the quote-to-cash process Contents 2 Executive summary 2 Effective
Gaining insight into critical enterprise applications with IBM CICS and business events
White Paper July 2009 Gaining insight into critical enterprise applications with IBM CICS and business events By Catherine Moxey, Senior Developer, IBM CICS Transaction Server Page 2 2 2 Contents Executive
Real-Time Security for Active Directory
Real-Time Security for Active Directory Contents The Need to Monitor and Control Change... 3 Reducing Risk and Standardizing Controls... 3 Integrating Change Monitoring... 4 Policy Compliance... 4 The
IBM ediscovery Identification and Collection
IBM ediscovery Identification and Collection Turning unstructured data into relevant data for intelligent ediscovery Highlights Analyze data in-place with detailed data explorers to gain insight into data
Network change is constant: Configuration and compliance management can help
IBM Software September 2010 Thought Leadership White Paper Network change is constant: Configuration and compliance management can help Integration with existing Tivoli applications helps correct errors
Web servers and WebSphere Portal
Web servers and WebSphere Portal By default IBM WebSphere Portal uses the internal HTTP transport within IBM WebSphere Application Server to handle requests. However, because WebSphere Application Server