Enterprise Risk Management: Strategie e Soluzioni a confronto

Similar documents

Dall Information Security alla Cyber Security, e ritorno

Alberto Meneghini! Security Leader, IBM Italia! IBM Security IBM Corporation IBM Corporation

Maintaining PCI-DSS compliance. Daniele Bertolotti Antonio Ricci

Big Data, Big True. IDC Big Data Conference II, Bologna 19 novembre Fabio Rizzotto IT Research&Consulting Director, IDC Italy

Risk management, Piano strategico e Organi di governo

Le sfide e le opportunità dell internet mobile nelle aziende

IBM Security Services

The Economic Outlook Il quadro economico INTELLIGENCE ON THE WORLD, EUROPE, AND ITALY LO SCENARIO DI OGGI E DI DOMANI PER LE STRATEGIE COMPETITIVE

Sicurezza Data Center 22 giugno Fabio Paravani Regional Account Manager

TRADING ONLINE E STATISTICA PDF

Governance, Risk & Compliance

Questa versione del programma è da intendersi come provvisoria * da confermare Seguici sui Social Network e commenta con #forumt2s This version is

Reducing Risk Through Effective Certificate Management

NetBackup Best Practice Using Tape Storage with Deduplicating Disk Storage

PCI DSS READINESS AND RESPONSE

MANY CERTIFICATES WHAT S THE WORTH?

Symantec Consulting Services

Industrial Control Systems Security. Denny Gregianin_Sales Area Manager

Spambrella SaaS Support Terms & Conditions

comscore Day Press Conference Milan, 19 th November 2015

How To Get A Cloud Service For A Small Business

Find the needle in the security haystack

E U R O P E A N C U R R I C U L U M V I T A E F O R M A T PERSONAL INFORMATION

Choosing Between Managed Security Services or In-house SIEM? Consider the Benefits of both!

Corso: Mastering Microsoft Project 2010 Codice PCSNET: MSPJ-11 Cod. Vendor: Durata: 3

22/11/ :08:30 Pag. 1/10

Intel Open Day. VASCO and Intel Identity Protection Technology. Richard Zoni Sales Manager Italy VASCO Data Security

Titoli delle qualifiche

ITIL and Altiris ServiceDesk. Joseph Carson, Sr. Product Manager October 21, 2009

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

Better Together: Microsoft Office 365 & Symantec Office 365

Symantec Enterprise Vault.cloud Giovanni Alberici

Altiris Client Management Suite

Cloud Services: cosa sono e quali vantaggi portano alle aziende manifatturiere

DTI / Titolo principale della presentazione IPHONE ENCRYPTION. Litiano Piccin. 11 ottobre 2014

Public, Private, Hybrid:

Smart Factory: non un lontano futuro, ma un attuale opportunità grazie al concetto Optimized Packaging Plant (OPP)

How To Manage A Network On A Pnet 2.5 (Net 2) (Net2) (Procedure) (Network) (Wireless) (Powerline) (Wired) (Lan 2) And (Net1) (

CERTIFICATE MANAGEMENT SURVEY

From Complexity to Client Centricity - Business Analytics nel settore bancario

Oracle Retail MICROS Stores2 Functional Document General - License Control Release September 2015

Symantec Critical System Protection Agent Event Viewer Guide

An Oracle White Paper January Access Certification: Addressing & Building on a Critical Security Control

IMPLEMENTATION OF HIGH-PERFORMANCE SECURITY MANAGEMENT PROCESSES

Software License Monitoring

Transform Audit Practices and Move Beyond Assurance

Symantec Security Compliance Solution Symantec s automated approach to IT security compliance helps organizations minimize threats, improve security,

Retailing without walls: La trasformazione del punto vendita in un contesto di multicanalità

8 Key Requirements of an IT Governance, Risk and Compliance Solution

Source code security testing

Cad Service e l integrazione CAD : Una partnership di valore per. Meeting. G.Delmonte Founder and CEO CadService

Direct virtual machine creation from backup with BMR

Kotler Keller. Marketing Management 14e

Securing OS Legacy Systems Alexander Rau

Streamlining the ediscovery

Enterprise Vault 10 Feature Briefing

How To Teach A Security Manager

Oracle Retail MICROS Stores2 Functional Document Tax Free - Manual Receipt Number Assignment Release September 2015

Corso: Administering Microsoft SQL Server 2012 Databases Codice PCSNET: MSQ2-1 Cod. Vendor: Durata: 5

UP L13: Leveraging the full protection of SEP 12.1.x

S A P F A S H I O N M A N A G E M E N T D E V E L O P E D W I T H F A S H I O N B R A N D S F O R F A S H I O N B R A N D S

Strategies and Best Practices to Implement a Successful Data Loss Prevention Program Sebastian Brenner, CISSP

Symantec Control Compliance Suite Standards Manager

SAP for Utilities: Innovazione Tecnologica ed Energy Revolution il nuovo volto delle Utility Sandro Marcotto Industry Business Development Utility

An Oracle White Paper October An Integrated Approach to Fighting Financial Crime: Leveraging Investments in AML and Fraud Solutions

Enterprise Vault 11 Feature Briefing

Website Security Solutions Path to Specialization Experienced. Proven. Trusted.

Best Practices for a BYOD World

IBM QRadar Security Intelligence April 2013

Leveraging a Maturity Model to Achieve Proactive Compliance

3 rd -party Security Risk Assessment

Oracle Retail MICROS Stores2 Functional Document Sales - Reasons Release September 2015

Symantec Residency and Managed Services

DIRECTORS AND OFFICERS PROPOSTA DI POLIZZA

VMware Forum Alberto Bullani Regional Manager Milan, May 14 th 2013

FLAVIO D ANNUNZIO Digital for Business

scale per l arredamento d interni stairs for interior design

Best Practices in File Integrity Monitoring. Ed Jowett, CISSP ITIL Practitioner Sr. Systems Engineer, Tripwire Inc.

Transcription:

Enterprise Risk Management: Strategie e Soluzioni a confronto - Milano 25 Settembre 2008 Fabio Battelli, CISSP, CISA Practice Manager - Advisory Services Symantec Consulting Services

Symantec Global Services Advisory Service Overview 2

Symantec Global Services Enabling Confidence in a Connected World Global Reach: 4000+ professionals across Americas, EMEA, APAC, Japan 6000+ consulting engagements per year Work with 95% of Fortune 500 Real-world implementation experience Deep technology expertise Leveraging industry best practices Advisory & Solutions enablement skills Consulting company acquisition (Company-i) Professioanls certification (ITIL, CISM, CISSP)

Symantec Consulting Services in Italia Governance, Risk & Compliance IT Transformation Services Business Continuity Management Information Foundation Data Centre Management Threat Management/IT policy Compliance Backup & Storage Management Operational support Antivirus and Data Protection op. svcs. SOC operational services Brand monitoring and online fraud mgmt.

Risk Management: Key Facts Advisory Service Overview 5

Il Risk Management è importante per...

Risk Management & Compliance La conformità ed i rischi IT sono strettamente legati. Ad un aumento della conformità IT, corrisponde una riduzione dei rischi IT

Governance, Risk & Compliance Governance Governance Governance Crea Valore Definisce obiettivi ed aspettative Individua le Regulation Definisce regole e politiche People Processes Technology Risk Risk Management Individua Minacce, Vulnerabilità, Probabilità Seleziona le contromisure Stabilisce l Asset Value Definisce la strategia di minitigazione Risk Compliance Compliance Compliance Definisce i controlli Lega i controlli alle politiche Fornisce evidenze Dimostra la due diligence

Risk Management: Metodologie e soluzioni Symantec IT Security Risk Management & Compliance

Risk Management Top Issues (Fonte: ENISA) Principali ostacoli alla gestione del rischio secondo ENISA (European Network and Information Security Agency)...

Risk Management Quale metodologia scegliere?

Risk Management Methodology Soluzioni

Risk Analysis Threats vs Control

Risk Analysis Threats or Control Disponibilità di dati storici inerenti la probabilità di accadimento Per Industry Specifiche (es. Banking) Prevalenza del metodo Quantitativo (es. Valutazione monetaria) Ottenere risultati con rapidità, soprattutto nelle grandi organizzazioni Valutare conformità a Standard e Regulation Prevalenza del metodo Qualitativo

Risk Management Fattori Critici di Successo

Governance, Risk & Compliance (GRC) Process Automation Advisory Service Overview 16

Symantec s Automated IT Compliance Approach Define Assess Report Remediate Determine Risk and Develop Policies Assess Infrastructure and Processes Monitor and Demonstrate Due Care Assess Risk and Remediate Problems POLICIES and CONTROLS TECHNICAL CONTROLS DASHBOARDS RISK WEIGHTED REMEDIATION AUDIT REPORTS RISK ASSESSMENTS PROCEDURAL CONTROLS

Thank You! Fabio Battelli Practice Manager - Advisory Consulting Services fabio_battelli@symantec.com +39 3351860905 Copyright 2007 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 18