Controls over CIS. Ryan O Halloran, Senior Manager KPMG Hobart. TAO Client Information Session. May 2015
|
|
|
- Abner Baldwin
- 10 years ago
- Views:
Transcription
1 Controls over CIS Ryan O Halloran, Senior Manager KPMG Hobart TAO Client Information Session May 2015
2 Agenda The KPMG presenters information: Ryan O Halloran Advisory Senior Manager, Hobart Tel: (03) [email protected] Controls over CIS Cloud Security IT Governance Disaster Recovery and Incident Management Questions Example Routines 1
3 Cloud Security
4 Cloud Security What is the Cloud? The Cloud is storing and accessing data and programs over the Internet rather than on your computer s hard drive or a local server on your network. Cloud services may be used for: Storing data Backups Providing Software as a Service (SaaS) 3
5 Cloud Security Could Storage Box Dropbox Google Drive icloud OneDrive 4
6 Cloud Security Risks Where is our data stored? Who can access it? 5
7 IT Governance
8 IT Governance Why is it Important? Helps make sure organisational objectives are being met IT is only valuable when it provides a positive influence to business outcomes 7
9 IT Governance Why is it Important? 8
10 IT Governance Four Areas of Governance Are we doing the right things? Are we receiving the benefits? IT Governance Are we doing them the right way? Are we doing things well? 9
11 Disaster Recovery and Incident Management
12 Disaster Recovery and Incident Management Why is it important? Disaster recovery is more than just having a backup What are the most important systems you have? How long can you operate without them? How are you going to respond if something goes wrong? What happens if there is an information or data breach? How would you manage the response? Who is responsible for coordinating and communicating any response? 11
13 Any Questions?
14 Thank you Presentation by Ryan O Halloran
15 2015 KPMG, an Australian partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ( KPMG International ), a Swiss entity. All rights The KPMG name, logo and cutting through complexity are registered trademarks or trademarks of KPMG International. The KPMG name, logo and cutting through complexity are registered trademarks or trademarks of KPMG International.
KPMG s integrated Risk Management solution
KPMG s integrated Risk Management solution Business DialogueS breakfast conference 20/09/2011 Agenda Integrated Risk Management Spirit and Solutions The SaaS mechanism Conclusion 1 Solvency II extract
Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management
Introductions KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management Agenda 1. Introduction 2. What is Cloud Computing? 3. The Identity Management
The Cloud. IIA Seminar, York April 30 th 2015. www.bakertilly.co.uk
The Cloud IIA Seminar, York April 30 th 2015 www.bakertilly.co.uk Introduction David Morris Technology Services Director with Baker Tilly Qualified Internal Auditor Based in Manchester Baker Tilly is an
The three lines of defence
Audit Committee Institute Sponsored by KPMG The three lines of defence 1 The three lines of defence Audit committees these days are burdened with a lengthy list of mandatory agenda items, and must find
Orchestrating the New Paradigm Cloud Assurance
Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems
How To Understand Cloud Computing
CLOUD COMPUTING Jillian Raw Partner, Kennedys http://www.kennedys-law.com/jraw/ Cloud Computing- what they say about it the cloud will transform the information technology industry profoundly change the
Software-as-a-Service (SaaS) Solutions from CA Technologies Frequently asked questions
FAQ Edition / April 30, 2014 Software-as-a-Service (SaaS) Solutions from CA Technologies Frequently asked questions FAQ Edition April 2014 Informational Guidelines Table of Contents EXECUTIVE SUMMARY...
Data Centre Managed Services Market
Data Centre Managed Services Market Martin Molloy 20/03/2012 Macro Challenges Recession User growth and diversity The world of collaboration Clouds on the horizon Cloud market - 48% compound annual growth
HARNESSING THE POWER OF THE CLOUD
HARNESSING THE POWER OF THE CLOUD Demystifying Cloud Computing Everyone is talking about the cloud nowadays. What does it really means? Indeed, cloud computing is the current stage in the Internet evolution.
Security management in the internet era
Security management in the internet era Cloud Security (1) Septemberr 29, 2011 Jun Murai Keio University! Suguru Yamaguchi! Nara Institute of Science and Technology! Schedule 01st (09/22) Course Description
Microsoft Dynamics CRM as a. Service. G-Cloud Pricing. Service - Pricing. Commercial in Confidence
Microsoft Dynamics CRM as a Service Microsoft Dynamics CRM as a Service - Pricing 2014 CGI IT UK Limited All rights reserved December 2014 - Seventh Floor, Kings Place, 90 York Way, London, N1 9AG Founded
Cloud Computing An Auditor s Perspective
Cloud Computing An Auditor s Perspective Sailesh Gadia, CPA, CISA, CIPP [email protected] December 9, 2010 Discussion Agenda Introduction to cloud computing Types of cloud services Benefits, challenges,
Security, Compliance & Risk Management for Cloud Relationships. Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32
Security, Compliance & Risk Management for Cloud Relationships Adnan Dakhwe, MS, CISA, CRISC, CRMA Safeway Inc. In-Depth Seminars D32 Introductions & Poll Organization is leveraging the Cloud? Organization
Protecting Your Data On The Network, Cloud And Virtual Servers
Protecting Your Data On The Network, Cloud And Virtual Servers How SafeGuard Encryption can secure your files everywhere The workplace is never static. Developments include the widespread use of public
KPMG KUWAIT TAX. Other Services
KPMG KUWAIT TAX DEPARTMENT Other Services We at KPMG Kuwait Tax department provide a full range of Tax advisory and Compliance services for local taxes such as Zakat & NLST, Corporate tax such as Income
Sage ERP I White Paper. ERP and the Cloud: What You Need to Know
I White Paper ERP and the Cloud: What You Need to Know Table of Contents Executive Summary... 3 Increased Interest in Cloud-Based ERP and SaaS Implementations... 3 What is Cloud/SaaS ERP?... 3 Why Interest
CDK Cloud Hosting HSP (Hardware Service Provision) For your Dealer Management System (DMS)
CDK Cloud Hosting HSP (Hardware Service Provision) For your Dealer Management System (DMS) First things first. Ask yourself these questions: Question 1: If your DMS was suddenly unavailable, could you
A to Z Information Services stands out from the competition with CA Recovery Management solutions
Customer success story October 2013 A to Z Information Services stands out from the competition with CA Recovery Management solutions Client Profile Industry: IT Company: A to Z Information Services Employees:
EA-ISP-001 Information Security Policy
Technology & Information Services EA-ISP-001 Information Security Policy Owner: Adrian Hollister Author: Paul Ferrier Date: 13/03/2015 Document Security Level: PUBLIC Document Version: 2.41 Document Ref:
IIA South West Event. A look at key supply chain risks and why contracting is a key step 14 January 2015
IIA South West Event A look at key supply chain risks and why contracting is a key step 14 January 2015 Objectives and agenda Page The contact at KPMG with respect to this presentation is: Iain Prince
Atos Secure File Sharing SaaS
G-Cloud Service Description Atos Secure File Sharing SaaS Anytime Files for G-Cloud 3 Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and Atos
Symantec Enterprise Vault.cloud Giovanni Alberici
Symantec Enterprise Vault.cloud Giovanni Alberici Global Product Marketing Manager 1 Agenda 1 2 3 4 Symantec s cloud strategy Overview of Symantec.cloud Symantec Enterprise Vault.cloud Symantec.cloud portfolio
Audit Committee self-assessment
Audit Committee Institute Sponsored by KPMG Audit Committee self-assessment The results of the self assessment and any action plans should be reported to the board after discussion with the chairman of
Sage 50 Accounting. Cloud, On-Premises, and Hybrid Software Solutions: What s Right for Your Small Business?
Sage 50 Accounting Cloud, On-Premises, and Hybrid Software Solutions: What s Right for Your Small Business? As a small business owner, you have to make a lot of decisions, but did you ever think that a
Client Security Risk Assessment Questionnaire
Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2
Cloud Security Who do you trust?
Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud
HIPAA/HITECH Compliance Using VMware vcloud Air
Last Updated: September 23, 2014 White paper Introduction This paper is intended for security, privacy, and compliance officers whose organizations must comply with the Privacy and Security Rules of the
The Effective People Manager. Open Course: 29-31 May 2013
The Effective People Manager Open Course: 29-31 May 2013 The Effective People Manager The Effective People Manager will give you the opportunity to focus intensely on your role and responsibilities as
Cloud, Appliance, or Software? How to Decide Which Backup Solution Is Best for Your Small or Midsize Organization.
WHITE PAPER: CLOUD, APPLIANCE, OR SOFTWARE?........................................ Cloud, Appliance, or Software? How to Decide Which Backup Solution Is Best for Your Small or Midsize Who should read
Protecting Official Records as Evidence in the Cloud Environment. Anne Thurston
Protecting Official Records as Evidence in the Cloud Environment Anne Thurston Introduction In a cloud computing environment, government records are held in virtual storage. A service provider looks after
Fujitsu extends SAP HANA to the Cloud
Fujitsu extends SAP HANA to the Cloud Fujitsu extends SAP to the Cloud Break the boundaries and unleash your business value. www.fujitsu.com.au/sap SAP HANA - What it s all About Fast access to vast amounts
How To Transform It Risk Management
The transformation of IT Risk Management kpmg.com The transformation of IT Risk Management The role of IT Risk Management Scope of IT risk management Examples of IT risk areas of focus How KPMG can help
Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations. kpmg.com
Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations kpmg.com b Section or Brochure name Effectively using SOC 1, SOC 2, and SOC 3 reports for increased
Cybersecurity Practices of Ohio Investment Advisers; A Summary of Survey Responses
Cybersecurity Practices of Ohio Investment Advisers; A Summary of Survey Responses October 2014 A Pilot Survey to Compile Cybersecurity Information In July 2014, the Ohio Division of Securities participated
Fujitsu Cloud for SAP
Fujitsu Cloud for SAP Fujitsu Extends SAP to the Cloud Break the boundaries and unleash your business value. www.fujitsu.com.au/sap Fujitsu Extends SAP to the Cloud Fujitsu Cloud for SAP is a locally based
London Business Interruption Association Technology new risks and opportunities for the Insurance industry
London Business Interruption Association Technology new risks and opportunities for the Insurance industry Kiran Nagaraj Senior Manager, KPMG LLP February 2014 Agenda Introduction The world we live in
Is it Time to Trust the Cloud? Unpacking the Notorious Nine
Is it Time to Trust the Cloud? Unpacking the Notorious Nine Jonathan C. Trull, CISO, Qualys Cloud Security Alliance Agenda Cloud Security Model Background on the Notorious Nine Unpacking the Notorious
The SMB IT Decision Maker s Guide: Choosing a SaaS Service Management Solution
BEST PRACTICES WHITE PAPER The SMB IT Decision Maker s Guide: Choosing a SaaS Service Management Solution Nine Things to Look For in Your Next SaaS Service Desk Table of Contents Introduction...................................................
Introduction to Cloud Storage GOOGLE DRIVE
Introduction to Cloud Storage What is Cloud Storage? Cloud computing is one method to store and access data over the internet instead of using a physical hard drive (e.g. computer s hard drive, flash drive,
IT SERVICE MANAGEMENT FAQ
IT SERVICE MANAGEMENT FAQ Version: 1.3 Date: February 2011 Page 1 Table of Contents 1.0 Introduction... 3 2.0 Data Stewardship... 4 2.1 Where is the data stored?... 4 2.2 Who controls the data?... 4 2.2
Skelta BPM and High Availability
Skelta BPM and High Availability Introduction Companies are now adopting cloud for hosting their business process management (BPM) tools. BPM on cloud can help control costs, optimize business processes
Asigra Cloud Backup V13 Delivers Enhanced Protection for Your Critical Enterprise Data
Datasheet Asigra Cloud Backup V13 Delivers Enhanced Protection for Your Critical Enterprise Data Ensure the critical data you need to run your operations, serve customers, gain competitive advantage, and
Digital Forensics Services
Digital Forensics Services A KPMG SERVICE FOR G-CLOUD VII October 2015 kpmg.co.uk Digital Forensics Services KPMG PROVIDES RELIABLE END TO END COMPUTER FORENSIC AND EXPERT WITNESS SERVICES We bring together
NHSmail mobile configuration guide Apple iphone
Only the Apple iphone 3GS and iphone 4 support encryption at rest. The iphone 3G and iphone 2G will not connect to NHSmail NHSmail mobile configuration guide Apple iphone Version: V.6 Date: November 2011
Driving business performance Using data analytics
Driving business performance Using data analytics January 2016 kpmg.com About data analytics Many companies are overlooking a significant opportunity to enhance decision making and improve performance
Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture
Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture 2 Data Security and Privacy Principles for IBM SaaS Contents 2 Introduction
Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD
Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD Agenda Cloud Computing Technical Overview Cloud Related Applications Identified Risks Assessment Criteria Cloud Computing What Is It? National
Tech Tools for nptechies
Tech Tools for nptechies Richard Wollenberger Imtiaz Haiyoom Tips and tools for nptechies Tips and tools for nptechies AGENDA Introductions What do you do first? Best practices Cloud Services (SaaS) Tools
Data In The Cloud: Who Owns It, and How Do You Get it Back?
Data In The Cloud: Who Owns It, and How Do You Get it Back? Presented by Dave Millier, Soban Bhatti, and Oleg Sotnikov 2013 Sentry Metrics Inc. Agenda Reasons for Cloud Adoption How Did My Data Get There?
A NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
G-Cloud Service Description. Atos Microsoft Dynamics CRM on Demand
G-Cloud Service Description Atos Microsoft Dynamics CRM on Demand February 2013 Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and Atos WorldGrid
Validating Enterprise Systems: A Practical Guide
Table of Contents Validating Enterprise Systems: A Practical Guide Foreword 1 Introduction The Need for Guidance on Compliant Enterprise Systems What is an Enterprise System The Need to Validate Enterprise
Backing up your digital image collection provides it with essential protection.
Backing up your digital image collection provides it with essential protection. In this chapter, you ll learn more about your options for creating a reliable backup of your entire digital image library.
POLICY. 1) Business Continuity Management 2) Disaster Recovery 3) Critical Incident Management 4) Risk Management
POLICY Policy Title: Management Descriptors: 1) Management 2) Disaster Recovery 3) Critical Incident Management 4) Risk Management Category: Risk Management Intent Organisational Scope Definitions Policy
Contracting for Cloud Computing
Contracting for Cloud Computing Geofrey L Master Mayer Brown JSM Partner +852 2843 4320 [email protected] April 5th 2011 Mayer Brown is a global legal services organization comprising legal
VAT and Professional Services March 11, 2014
VAT and Professional Services March 11, 2014 Sandra Skuszka Head of VAT services KPMG LLC Isle of Man Agenda Brief overview of how VAT works. What is the difference between zero rated and exempt supplies?
Learn About Symantec Backup Exec 2012
Symantec Backup Exec 2012 Siedziba spółki: Perceptus sp. z o. o. Ul. Drzewna 30/2A 65-140 Zielona Góra Biuro handlowe ul. Chopina 14A 65-031 Zielona Góra Tel. 68 470 07 70 Fax 68 470 07 79 Email: [email protected]
Your incentive compensation plans have no borders.
Your incentive compensation plans have no borders. Why should your compliance processes? KPMG LINK Global Equity Tracker powered by KPMG LINK Work Force Take care of risks before take off Challenges of
Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions
SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.
STATE OF THE DATA CENTER SURVEY GERMANY RESULTS
STATE OF THE DATA CENTER SURVEY GERMANY RESULTS SEPTEMBER 2012 CONTENTS 3 METHODOLOGY 4 INTRODUCTION 5 DATA CENTER COMPLEXITY IS PERVASIVE 6 EFFECTS OF DATA CENTER COMPLEXITY ARE DIVERSE AND COSTLY 8 IT
Backup & Disaster Recovery
Backup & Disaster Recovery Backup & Disaster Recovery You already know that a security breach could cost you loss of critical data, your customers, your reputation, and even your business but do you know
Cloud Courses Description
Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment
Cloud Consulting Services
Cloud Data Center Business Intelligence Enterprise Computing Solutions Services Cloud Consulting Services Service Overview Embarking on the road to cloud computing is not a simple journey and shouldn t
The Risks of Cloud Storage
The Risks of Cloud Storage MyWorkDrive.com The Risks of Cloud Storage For all of the benefits cloud storage options provides, we cannot ignore the potential risks of public cloud computing. Even though
Your incentive compensation plans have no borders. Why should your compliance processes? Powered by KPMG LINK Global Equity Tracker
Your incentive compensation plans have no borders. Why should your compliance processes? Powered by KPMG LINK Global Equity Tracker Take care of risks before take off Challenges of mobility Incentive compensation
Advanced High Availability Architecture. White Paper
Advanced High Advanced High Production database servers are replicated in near-real time to a peer data center within the same geographic region in Asia Pacific Japan (APJ); Europe, Middle East and Africa
Abertay Data Storage Policy
Abertay Data Storage Policy Author Louise Cardno, Business Analyst Reviewer Frazer Greig, ICT Operations Manager Approved by Michael Turpie, Head of Information Services Approval date(s) 03-Jun-2015 Review
Cloud Courses Description
Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,