Aegon's Internal Cloud Broker



Similar documents
Applying Business Architecture to the Cloud

Architecting the Cloud

On Premise Vs Cloud: Selection Approach & Implementation Strategies

Office of the Government Chief Information Officer The Government of the Hong Kong Special Administrative Region

The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II).

Domain 1 The Process of Auditing Information Systems

Vendor Risk Management Financial Organizations

Italy. EY s Global Information Security Survey 2013

Clinical Trials in the Cloud: A New Paradigm?

A new era of PaaS. ericsson White paper Uen February 2015

Maximize potential with services Efficient managed reconciliation service

The Push and Pull of the Cloud. TPI Cloud Computing Overview. April 5 th 2011

Considerations for firms thinking of using third-party technology (off-the-shelf) banking solutions

Achieve Economic Synergies by Managing Your Human Capital In The Cloud

ITIL Roles Descriptions

Planning a Successful Cloud Strategy Identify existing assets, assess your business needs, and develop a technical and business plan for your cloud

Cloud Security Who do you trust?

Integrating Project Management and Service Management

RFP Attachment C Classifications

HYBRID CLOUDS DEFINING A SUSTAINABLE STRATEGY DR. RAGHU P. PUSHPAKATH KRISHNAKUMAR GOPINATHAN SACHIN KANOTH MADAKKARA

SaaS the new normal. Service-now.com, Terry Brown

Accenture Cloud Platform Unlocks Agility and Control

Strategies for assessing cloud security

Fast IT: Accelerate Your Business

EXIN.Passguide.EX0-001.v by.SAM.424q. Exam Code: EX Exam Name: ITIL Foundation (syllabus 2011) Exam

IFMA Facility Management Learning System - Table of Contents

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

WHITE PAPER IT SERVICE MANAGEMENT IT SERVICE DESIGN 101

Ironside Group Rational Solutions

Privacy Governance and Compliance Framework Accountability

Roles within ITIL V3. Contents

Cloud, Beyond the Hype

112 BSIMM Activities at a Glance

CLOUD SERVICE LEVEL AGREEMENTS Meeting Customer and Provider needs

Becoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013

CHOOSING THE RIGHT CLOUD COMPUTING SOLUTION FOR YOU

Information Technology

Managing Public Cloud Workloads

Hybrid Cloud Mini Roundtable. April 17, Expect Excellence.

Services Providers. Ivan Soto

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

IT Vendor Due Diligence. Jennifer McGill CIA, CISA, CGEIT IT Audit Director Carolinas HealthCare System December 9, 2014

Blue Fire Thames Court 1 Victoria Street Windsor SL4 1YB enquiries@bluefire-uk.com

Seeing Though the Clouds

Pharma CloudAdoption. and Qualification Trends

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Information Security Program CHARTER

ITIL by Test-king. Exam code: ITIL-F. Exam name: ITIL Foundation. Version 15.0

Validating Enterprise Systems: A Practical Guide

Information security controls. Briefing for clients on Experian information security controls

Private Clouds Can Be Complicated: The Challenges of Building and Operating a Microsoft Private Cloud

CLOUD MIGRATION STRATEGIES

Balancing the Outsourcing Equation

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

Approach to Information Security Architecture. Kaapro Kanto Chief Architect, Security and Privacy TeliaSonera

IBM EXAM QUESTIONS & ANSWERS

Cloud Computing. Bringing the Cloud into Focus

Cybersecurity in the States 2012: Priorities, Issues and Trends

John Essner, CISO Office of Information Technology State of New Jersey

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM

OWASP Chapter Meeting June Presented by: Brayton Rider, SecureState Chief Architect

BMC Software Cloud Service Lifecycle

Building an effective stay back team to gain maximum value from an outsourcing agreement

ITIL. Lifecycle. ITIL Intermediate: Continual Service Improvement. Service Strategy. Service Design. Service Transition

(Dev + Ops) ITSM = Calamity

CRM for Real Estate Part 1: Why CRM?

ISEB MANAGER S CERTIFICATE IN ITIL INFRASTRUCTURE MANAGEMENT. Guidelines for candidates who are taking the ICT Infrastructure Examination

Question: 1 Which of the following should be the FIRST step in developing an information security plan?

The Next Generation of IT Management. Jason Andrew Vice President, Marketing & Communications

HSCIC IT Hosting Strategy

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Bank of Israel. 1. Background. In recent years, cloud. environmentally. from. aspects in. these. 2. Applicability. Directive ). 3.

WHITE PAPER THIRD PARTY MANAGEMENT: FUNDAMENTALS

I D C M A R K E T S P O T L I G H T. P r i va t e a n d H yb r i d C l o u d s E n a b l e New L e ve l s o f B u s i n e s s and IT Collaboration

Designing and Implementing Cloud Governance: Cloud, and Cloud Governance, are Emerging Capabilities

Software as a Service: Uncertainties Revealed

Whitepaper. Managed Services in the 21 st century

CACI Cloud Consulting Services

Managed Services. Business Intelligence Solutions

QUALITY MANAGEMENT SYSTEM MANUAL

IBM asset management solutions White paper. Using IBM Maximo Asset Management to manage all assets for hospitals and healthcare organizations.

Information Security for Managers

IT Governance Regulatory. P.K.Patel AGM, MoF

How To Understand Cloud Computing

Public Cloud Service Agreements: What to Expect & What to Negotiate. April 2013

White paper Reaping Business Value from a Hybrid Cloud Strategy

The Cloud-Enabled Enterprise Developing a Blueprint and Addressing Key Challenges

Who moved my cloud? Part I: Introduction to Private, Public and Hybrid clouds and smooth migration

Appendix A-2 Generic Job Titles for respective categories

Transcription:

Aegon's Internal Cloud Broker Cloud FS Americas Metropolitan West, NYC July 21, 2015 John Linn

Aegon at a glance Focus History Rating About Aegon Life insurance, pensions & asset management Dating back 170 years AA- financial strength rating Countries Employees Present in over 20 countries across the world Around 28,000 employees As per March 31, 2015 Underlying earnings before tax in 2014 Revenue-generating investments Paid out in claims and benefits in 2014 Our results EUR 1.9 billion EUR 638 billion EUR 34 billion 2 As per March 31, 2015

Navigating Opposing Forces Opportunities: Next-gen technologies provide a competitive advantage Easy, low cost entry (rent versus own) Scalable, flexible, and ubiquitous Interest in integrating Cloud services with on premise Constraints: Cloudy Thinking Money, Security, All or Nothing Efforts trapped in isolation Downside danger of service provider termination or lock-in Regulatory compliance 3

Hurdles Taxes Risk Assessment Adopting Common Global Solutions & Local Regulators Right to Audit Contracts Data Sovereignty Data Protection Directive Business Continuity Data Privacy Security Standards $ Cloud Hangover Cloud Provider Selection Governing the Ungovernable You must be THIS TALL To Ride This Ride 4

Emerging Needs Workload consulting Identification of total cost of ownership (TCO) and quantifying benefits Cloud services register of approved Cloud services Common third-party risk management process to identify blockers early Operational support Workload Deployment Definition Identifying a Cloud Use Case Selection Vendor Comparison and Decision Deployment Development, Integration, and Portability Management Aggregation, Portal & Billing Customization, and Runtime Support 5

Third Party Risk Management Framework Plans, Metrics, Risk Classification, and Governance Due Diligence (including resiliency and critical fourth parties) & third party selection Contract negotiation Roles and responsibilities for oversight and relationship management Documentation and reporting Ongoing monitoring Termination, including contingency plans Procurement Process Independent Review (assessment to determine process alignment with strategy and risk management effectiveness) 6

Clarification Through RASCI R Who is Responsible? The person who has to do it A Who is Accountable? The final decision maker S Who is Supporting? Resources allocated to responsible to help carry out the task C Who is Consulted? Persons requiring two way communication before a decision I Who is Informed? The person kept up-to-date or told after a decision 7

Exit Ongoing Monitoring Example: Ongoing Monitoring of Third Party Business Unit (BU) - 1st Line Functional Roles Risk 2nd Line Cloud Broker Outputs RASCI Business Owner Management C-Level Project Team 3rd party Relationship Manager Subject Mater Experts Design Authority Procurement Legal Compliance Information Security Chief Risk Officer (CRO) Operational Risk Management Mgrs Local Operational Risk Committees Global Risk Cloud Consulting Cloud Design and Build Cloud Run Global Procurement Deliverable Artifact / Outcome Third Party Outsourcing Monitoring Ongoing Monitoring Periodically monitor costs, performance, and ability to comply with contract, legal requirements, third party resiliency and financial I A/R C C C C I R health, and critical fourth parties Report on design & effectiveness of internal controls with third party I A/R I I I R Report on risks with third party I A/R I I C/I R Should arrangement be terminated? A R C C C I R Invoke contingency plan / exit strategy C A/R R R S C I R Terminate arrangement C A/R R R I I R RASCI Assignments shown in Red are only applicable when the solution chosen is a cloud offering. Begin Monitor costs, performance, contract compliance, legal requirements, third party resiliency and financial health, and critical fourth parties Report on internal controls effectiveness Report on risks with third party Terminate arrangement? No Yes 8 Invoke contingency plan / exit strategy Terminate arrangement End

Cloud Broker Services Business Unit Shadow IT Business Unit Solution Architects Cloud Brokering Cloud Consulting Cloud Design and Construction Cloud Operations 9 Central go-to team for business units and other global stakeholders for Cloud services Provides assurance new Cloud capabilities adhere to policies and requirements Ensures Cloud capabilities align with business and technical requirements by leveraging existing processes Define reference architecture and service blueprints (for example, integration layers) Engineer and implement automated platforms and solutions Plan and manage projects Provide configuration change, release and deployment management Test, validate and evaluate services Operate and monitor services and components Provide capacity, availability and service level management Perform incident and problem management Provide request fulfilment Maintain Cloud and Automation infrastructure Oversee and manage automated processes (patching, compliance, etc.)

Upcoming events Questions? May June Annual General Meeting of Shareholders The Hague May 20, 2015 JP Morgan insurance conference London June 2, 2015 Goldman Sachs conference London June 15, 2015 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information