10 Best-Selling Modules For Home Information Technology Professionals



Transcription:

Integrated Risk and Compliance Management as Elements of a Comprehensive IT Governance Strategy

Ing. Martin Pscheidl, MBA, MSc, cert. IT Service Manager
Manager, Technical Sales, CA Software Österreich GmbH
Email: martin.pscheidl@ca.com

The Core of V3 Service Strategy

(Good) Services
> follow (good) Strategy
> are aligned with the business
> are planned
> are calculated
> are controlled
> are managed with the right Service Portfolio Management tool

2/27/2008 Integrated Risk and Compliance Management - Copyright 2008 CA Software Österreich GmbH

Portfolio Management Evolution

Project Portfolio Management: Emerged 2002
Comprehensive Portfolio Management: 2004
Service Portfolio Management: 2006

Projects and Significant Work Requests
Strategic: BI for the IT Steering Committee
Tactical: IT checkbooks for the business
Portfolios include assets, apps, projects
Scenario planning capabilities
Constraint-based optimization and efficient frontiers
Governing at the IT Service Level
ITIL V3

IT Services

> IT services are a unique combination of people, processes, technology and assets that provide specific business value.
> The new CA Clarity IT Portfolio Manager and Clarity IT Business Relationship Manager modules can expand your usage of CA Clarity beyond the project portfolio and help your IT department deliver a portfolio of IT services that the business really values.

What is Clarity IT Service?

> IT Service investment object: A department can subscribe to an IT Service, so IT knows which customers are utilizing its services.
> Financial and Effort Rollup: Configure child items to a service to see a hierarchical bill of investments that dynamically aggregates cost and labor totals to view the TCO of the service. Available for most investments, not just services.
> Investment Allocation: Configure percentages on how an investment is allocated to its parent investment. Has to add up to 100% always. Computes the cost and labor totals within the Financial and Effort Rollup pages based on the investment allocation on the child item.

Service Portfolio Management Use Case

[Diagram: Idea Demand Analyze Idea Portfolio Service Hierarchy Plan Service - Hierarchy Financial Management Integration Import Asset costs Portfolio Analyze Service Provider Dashboard Metrics and Recovery Statement Customer Dashboard Metrics and Invoice Departments Subscribe to Service]

Services

Service Hierarchy, Investment Types, % Allocation

Customer Portal

Provider Portal

Provider Portal / Incidents

Provider Portal / Workload

Benefits of the Clarity IT Service

IT
> View the TCO of their IT Services in real time
> More insight on the makeup of IT Services for improved forecast and budget of cost and labor resources
> Better justify current budget or budget increases based on utilization of IT Services by the business
> Visibility on customers using the IT Services to gauge how best to allocate resources and funds to existing IT Services

Customer
> Visibility to the services IT provides: subscribe or unsubscribe to services that are needed or not needed by the business
> Provides transparency related to charges of IT Services subscriptions: where are funds going?
> Provides a common mechanism to view business metrics of IT Services they have subscribed to

CA GRC Manager

ITG vis-à-vis GRC

ITG
IT-business alignment
Operational Management
Targets
> CIO
> PMO
> Business Relationship Managers
> IT Finance
Systems
> IT Portfolio Management
> PPM
> IT Asset Management
> Financial Management
> Resource Management
> Demand Management

GRC
Identify, categorize and mitigate compliance risks
Compliance & Risk Management
Targets
> CIO
> CCO
> CRO
> Corporate Counsel
Systems
> Risk & Controls Management
> Information Governance
> Identity & Access Management
> Security Information Management
> Recovery Management
> Change & Configuration Management

GRC Market Categories & Definitions

The Evolution of GRC

[Chart: Maturity over Time, 2003 to 2007. Labels: Optimize; Get Compliant; Single regulatory focus; Too many controls; Manual efforts; Reduce Cost; Associate controls with multiple regulations; Associate controls with Risk; Associate project cost to remediation; Automate controls and monitor; Manage across multiple regulations; Risk-based decision making; Compliance investment governance; Integrated approach to GRC; Manual controls; As Is]

Customer Challenge: The Risk & Regulatory Dilemma

[Diagram: Board of Directors, Shareholders, Regulators, External Auditors, Compliance, SOX PMO, Privacy, CRO, CCO, Legal Counsel, Risk Management, Internal Audit; Policies, CobiT, PCI, SOX, SLAs, HIPAA; Procurement and AP, Manufacturing, Sales and Marketing, Enterprise Security, CIO, CISO, CFO, Finance, IT, Accounting, Human Resources, Outsourced HR, Outsourced IT]

Complex and Costly Business Processes

[Diagram: the stakeholders, business units and regulations of the Risk & Regulatory Dilemma slide, with the added labels Regulatory Reviews, Risk Assessments, Performance Improvement, Remediation]

IT GRC Unified and Simplified

Reduce Total Cost
Provide Transparency & Visibility
Manage & Govern Compliance
Provide Enterprise View for Executives
Streamline Processes
Reduce Complexity
Improve Use of Resources

[Diagram: the same stakeholders, business units and regulations, with the labels IT GRC, CA GRC Manager, Regulatory Reviews, Risk Assessments, Performance Improvement, Remediation]

The Reality in the companies

How often do we have to provide basically the same information to all these different groups?

[Diagram: Business Unit Process Owners, Audit, Compliance, Risk Management, Regulators]

A better way

Let's document our risks and controls, testing and results once and relate them to all applicable regulations?

[Diagram: Business Unit Process Owners, Enterprise Risk and Control Repository, Audit, Compliance, Risk Management, Regulators]

CA's IT GRC Solution: What is it?

> CA IT GRC Solution manages IT risk through a holistic portfolio-based approach that incorporates the automation and continuous monitoring of the underlying IT controls
> We do this by enabling organizations to:
  - Identify, categorize, analyze, and prioritize risk
  - Automate and continuously monitor critical IT controls related to IT risk
  - Project manage the remediation process

CA Differentiation in IT GRC Market

> A Portfolio view of all IT risks and controls (GRC Manager)
  - Content: Unified Compliance Framework, Deloitte Risk Catalog integration
  - Configurable: easily user-configured; does not require coding for tailoring
  - Connectivity: out-of-box integration with IT systems of record; business systems via XML Open Gateway
  - Costs: provides visibility into the total cost of compliance
> Breadth of IT GRC controls includes:
  - Industry's most comprehensive set of controls across the major areas of IT (security, information and assets)
  - Continuous controls and monitoring to automate the process of monitoring these controls
> A complete solution for IT GRC
  - IT Controls have been proven in very large, complex IT environments
  - GRC Manager is the result of extensive feedback from customers and analysts
  - CA has many years of experience helping to deploy successful IT management solutions

Critical Questions Answered by CA GRC Manager

> What are the controls for specific regulations such as SOX, PCI, etc.?
> What assets are related to a failed control?
> What is it costing your company to remediate controls for SOX?
> What is the status of controls testing for a specific business unit?
> What are the risks for a specific business unit and what is the status of the mitigating controls?

IT Governance & Risk Mitigation

Clarity GRC Manager includes content that can help organizations identify requirements associated with almost 300 published regulations and industry standards from across the globe. Clarity GRC Manager also provides functionality that will help management identify and document the impact these requirements will have on the organization and manage these requirements effectively. Integration with other CA products will help automate management's risk and control related activities, reducing the burden of what is otherwise a very resource-intensive and costly undertaking.

Thank you! Questions?

Martin Pscheidl
CA Software Österreich GmbH
Wienerbergstrasse 42, Euro Plaza Haus E
+43 664 3582869
martin.pscheidl@ca.com