CS 101 November 15, 2010



Similar documents
IT Governance. What is it and how to audit it. 21 April 2009

Italy. EY s Global Information Security Survey 2013

Placing Your Applications in the Best Cloud Model

How To Manage Risk

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

How To Improve Your Business

HP and netforensics Security Information Management solutions. Business blueprint

IT consulting Advice into action

Project Management Office Best Practices

IRMAC SAS INFORMATION MANAGEMENT, TRANSFORMING AN ANALYTICS CULTURE. Copyright 2012, SAS Institute Inc. All rights reserved.

A Risk-Adjusted Operating Model for Insurers: Addressing Regulatory and Market Demands

Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff

Strengthen security with intelligent identity and access management

Q1 Labs Corporate Overview

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

The following is intended to outline our general product direction. It is intended for informational purposes only, and may not be incorporated into

What is Security Intelligence?

KPMG s Financial Management Practice. kpmg.com

Fortune 500 Medical Devices Company Addresses Unique Device Identification

Payment Card Industry Data Security Standard

ABOUT US WHO WE ARE. Helping you succeed against the odds...

Cisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.

Accenture Technology Consulting. Clearing the Path for Business Growth

Assessing and implementing a Data Governance program in an organization

SAP ERP FINANCIALS ENABLING FINANCIAL EXCELLENCE. SAP Solution Overview SAP Business Suite

White Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI

Governance, Risk, and Compliance (GRC) White Paper

Data Governance for Financial Institutions

Intercompany Reconciliation and Settlement. WIPRO CONSULTING SERVICES Business Methods Series.

GOVERNANCE DEFINED. Governance is the practice of making enterprise-wide decisions regarding an organization s informational assets and artifacts

Identity & Access Management new complex so don t start?

Certified Information Systems Auditor (CISA)

Leveraging Continuous Auditing / Continuous Monitoring in internal audit April 10, 2012

Let the Potential of Your Business Emerge. Paragon Solutions Inc. Proprietary

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

IT Audit Perspective on Continuous Auditing/ Continuous Monitoring KPMG LLP

An Oracle White Paper November Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime

Enterprise Risk Management

Using SIEM for Real- Time Threat Detection

Accelerate Your Enterprise Private Cloud Initiative

Continuous Controls Monitoring. Virginia ISACA January Meeting 19 January 2010

From Data to Insight how full-stack BI operations enable CFOs to thrive in today s rapidly evolving business environment

Information & Asset Protection with SIEM and DLP

Next presentation starting soon Next Gen Customer Experience Enabled by PwC & Oracle s Cloud CRM & CX Applications

The Value of Vulnerability Management*

Outperform Financial Objectives and Enable Regulatory Compliance

IT risk management discussion 2013 PIAA Leadership Camp May 15, 2013

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Custom Consulting Services Catalog

Big Data, Big Risk, Big Rewards. Hussein Syed

IT audit updates. Current hot topics and key considerations. IT risk assessment leading practices

Technical Management Strategic Capabilities Statement. Business Solutions for the Future

Visual Enterprise Architecture

Getting Started with Data Governance. Philip Russom TDWI Research Director, Data Management June 14, 2012

Finding the Sweet Spot. Using analytics to combine Fraud and AML

Using Business Intelligence to Achieve Sustainable Performance

Software Industry KPIs that Matter

APPENDIX C - PRICING INDEX DIR-SDD-2514 VERIZON BUSINESS NETWORK SERVICES, INC SERVICES

Information Governance 2.0 A DOCULABS WHITE PAPER

Risk mitigation for business resilience White paper. A comprehensive, best-practices approach to business resilience and risk mitigation.

SAP Thought Leadership Business Intelligence IMPLEMENTING BUSINESS INTELLIGENCE STANDARDS SAVE MONEY AND IMPROVE BUSINESS INSIGHT

Collaboration for Big Data, Business Intelligence, and Mobile Initiatives

Washington State s Use of the IBM Data Governance Unified Process Best Practices

Building Out BPM/SOA Centers of Excellence Business Driven Process Improvement

IT Security in Banque du Liban

End-to-End Infrastructure Solutions

You Can t Afford the Risks

IT Risk Management Life Cycle and enabling it with GRC Technology

A Corporate Profile.

BRIDGE. the gaps between IT, cloud service providers, and the business. IT service management for the cloud. Business white paper

Effective Threat Management. Building a complete lifecycle to manage enterprise threats.

IT Governance: framework and case study. 22 September 2010

Proven Testing Techniques in Large Data Warehousing Projects

Enhancing IT Governance, Risk and Compliance Management (IT GRC)

RSA Archer Risk Intelligence

Business Intelligence & Data Warehouse Consulting

Harness Enterprise Risks With Oracle Governance, Risk and Compliance

The Protection Mission a constant endeavor

IT Transformation for Health Care

QA Engagement Models. Managed / Integrated Test Center A Case Study

Using business intelligence to drive performance through accuracy in insight

Presented By: Leah R. Smith, PMP. Ju ly, 2 011

The Power of Risk, Compliance & Security Management in SAP S/4HANA

2015 Analyst and Advisor Summit. Advanced Data Analytics Dr. Rod Fontecilla Vice President, Application Services, Chief Data Scientist

Inspiration for what is possible Inspiring new possibilities for your business with PwC and Oracle

The Importance of Credit Data Management

Empowering Your Business in the Cloud Without Compromising Security

Leveraging Information For Smarter Business Outcomes With IBM Information Management Software

Introduction to SAS Risk Management

Assessing the Opportunities Presented by the Modern Enterprise Archive

Cybersecurity The role of Internal Audit

Corralling Data for Business Insights. The difference data relationship management can make. Part of the Rolta Managed Services Series

Planning a Basel III Credit Risk Initiative

How RSA has helped EMC to secure its Virtual Infrastructure

How To Manage Data

Enterprise Information Management

Welcome to Modulo Risk Manager Next Generation. Solutions for GRC

BSM for IT Governance, Risk and Compliance: NERC CIP

FIVE PRACTICAL STEPS

Transcription:

CS 101 November 15, 2010 Introductions David Kahan, 04 David.Kahan@ey.com Manager, IT Advisory Seha Islam, 08 & 09 Seha.Islam@ey.com Staff, IT Advisory 1

Facts about Ernst & Young $24.5 billion in revenue 135,000 people More than 640 locations in 140 countries Serving clients from startups to multinationals in every industry What we do Advisory IT Risk & Assurance Performance Improvement Risk Assurance External Audit Fraud Investigations & Dispute Tax Advisory, reporting and operations Transactions Helping clients evaluate, plan and execute transactions Specialty Sub-Service Lines Including the Financial Office 2

What are we looking for? Integrity People who excel Respect People who are good at working in teams People with energy, enthusiasm and the courage to lead People who thrive on challenge Programs Mentorship Summer Leadership Program Internship Horizon Internships Global Student Exchange Program 3

Technology for the Financial Industry Our technology capabilities are based on significant demand from our clients in key strategic areas: Finance Risk Operations Compliance Security Data Management We connect business and technology to more effectively enable our financial services clients businesses. Our solutions focus on the deep integration of functional, process and technology knowledge. We work closely with a number of strategic technology software and service providers to create an integrated delivery team. Information Management and Analysis We help our clients manage the collection, storage, use and quality of information and enable information intelligence to meet business needs. Business Intelligence Helps realize the full potential of data through effective reporting and analysis and key metrics. Our services range from discrete projects to full implementation of a report and analytics application, transforming data from a cost center into a competitive advantage. Business intelligence strategy and analysis Discrete reporting and analysis Business intelligence technology evaluation, selection and implementation Data Analytics Help solve business problems using advanced data analysis techniques that leverage technology to process large volumes of data to perform complex computations in a scalable, reproducible and automated manner. Compliance evaluation Risk analytics Buy/sell side analytics Process and control analytics Fraud and forensics Data Quality and Governance Help our clients better manage enterprise data and build confidence in its accuracy and reliability by executing data governance policies and standards. Processes and procedures for sustainability Data remediation and conversion Organizational models and frameworks Data accessibility, availability, integrity and consistency Data security and auditability Data Management Develops strategic information plans and blueprints for collecting, storing, maintaining, recalling and using data through the full data lifecycle. Metadata management Information strategy, architecture and roadmaps Data warehousing (to include ODS, DWH, DM) Master data management Information lifecycle management Data architecture Data quality control Enterprise architecture strategy and planning Data integration Data governance Data storage Metadata management Reporting and analysis Advanced analytics 4

Solution Enablement We help our clients with architecture, solution assessment, vendor application evaluation and implementation services. Credit Risk Technology Finance Technology Compliance Technology Trading and Market Risk Technology Provide services related to our clients credit risk and economic capital management processes. Select services include: Basel reporting frameworks End-to-end testing Risk-weighted asset calculators Capital calculators Provide solutions related to the efficient design and improvement of our clients finance architecture and systems including: Basel reporting frameworks General ledgers Consolidation solutions Planning/budgeting/ forecasting tools Operations Technology Provide solutions related to the efficient design, implementation and improvement of our clients operations architecture and systems. We implement CRM and other solutions that help improve operations and generate revenue opportunities. Sample services include: Package implementation End-to-end testing Custom solution design and development Provide solutions related to our clients regulatory mandates around fraud, trading activities, anti-money laundering, electronic messaging and governance/risk/ controls (GRC). Sample services include: Transaction monitoring systems Know your customer (KYC) solutions Case management tools Messaging retention and management constructs Provide solutions related to our clients front-to-back trade lifecycle processing, subledger accounting and trading/risk platform integration requirements. Sample services include: Order management systems Trading subledgers VaR engines Trading/risk systems integration Strategic Technology Advisory We help our clients assess and improve how technology enables the business in an effective and efficient manner. Technology Management Assess IT processes for completeness, maturity and quality of services. Leveraging industry standards and our reference model, we work closely with our clients to define, document and adopt improved technology processes. IT process maturity assessment Process improvement definition and adoption planning Control-driven process improvement Technology Strategy Establish a business-driven vision for the future of our clients IT systems, processes and infrastructure, and a roadmap to achieve that vision. IT strategy Application portfolio planning and management IT Mandate Create Value Rationalize Cost Manage Risk IT Must-Do s Align Strategically Govern Effectively Operate Efficiently Measure Performance IT Performance Areas IT Governance/ IT Strategy IT Staffing IT Spending Service and Support Applications and Infrastructure Data Program/Project Advisory Technology Architecture Develop a structured view of the function and interaction of the application and infrastructural components of the future state. Architectures guide design decision-making and facilitate the long-term achievement of the strategic vision. Application architecture Data architecture Infrastructure architecture Improvement Agenda Assess Improve Monitor Technology Infrastructure Assess and improve the effectiveness of technology infrastructure. We evaluate its ability to deliver service in line with business needs and advise clients on design, risk and green considerations of data center consolidation and construction. Infrastructure resiliency Data center risk advisory Data center consolidation planning Command center performance improvement Green data center advisory 5

Technology Security We help our clients assess, design, implement and maintain a secure and high performance business environment. Security Monitoring Designs and implements security solutions to monitor the efficiency and effectiveness of security operations, controls and infrastructure. Security operations Security assessments Ethical hacking Testing services Patch management Rules management Anti-virus applications IPS, HIDS and NIDS Centralized logging and monitoring Security Management Designs and implements security policies, procedures and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein. Security policies Security procedures and standards Security organization Security awareness training Business Drivers Security Strategy Assesses, designs and implements a security strategy and governance program framework that describes the process, controls, organization and infrastructure to manage information security related concerns. Data protection User provisioning Access certification Application security Security Implementation Designs, implements and integrates security solutions to address enterprise risks and exposures. Security architecture Application security Security infrastructure components (e.g., firewalls, IDS and PKI) User provisioning Role management Access certification Data protection Cryptographic services Governance, Policies & Standards Asset Profiling Technical Security Architecture Processes and Operational Practices Technical Specifications People and Organizationa l Management Security Program Compliance and Reporting Integrity Technology Risk We assist our clients in establishing an effective risk and control environment by assessing and improving their IT risk management and internal control processes and remediating compliance gaps. Technology Risk and Governance Help our clients evaluate, define, implement and manage their technology risk, governance and regulatory compliance programs to achieve executive priorities and address business transformation challenges. Framework design Policies and procedures Risk identification and assessment Risk mitigation and controls Risk monitoring and reporting Training Regulatory Technology Risk Assess and address the technological and information impacts of regulatory requirements affecting business processes. Compliance gap assessments Regulatory compliance improvement Risk Management Strategic Plan Governance and Organizational Structure Resource needs Policies/Standards/ Procedures Third-Party Assurance Prepare and issue assurance reports related to our clients business and technology control environments. SAS 70 reporting Financial Institution Shared Assessment Program (FISAP) agreed-upon procedures Systrust reporting Risk Program Functional/Processes Risk Framework Evaluations Event Identification Risk Aggregation Issues Management/Tracking Awareness Program Technology Controls Help our clients implement and maintain the integrity, reliability and availability of their technology environments, systems and data through our risk-based approach. General and infrastructure controls Application controls and security assessments ERP applications Industry-specific applications Transaction Advisory Internal Audit Vendor risk management program design, analysis and vendor assessments Compliance Function Risk Reporting Risk Measurements and metrics Risk Dashboards KPIs, KRIs, Issues/Problems Attestation Findings Program/Project Status and Post Assessments Trend Analysis Feeds to Continuous Improvement Processes Compliance with Policies/Standards/Procedures Operations Incidents, Availability, SLA s, Problem Management Regulatory Controls Major System Initiatives Audit Attestations Business Monitoring 6

Get the scoop online Get ready for day one! Learn about us on our website ey.com/us/eyinsight EY 360 : Meet real Ernst & Young people Picture Yourself: See what practices might work for you Interview Insider: Get advice on interviewing from Ernst & Young people Join our Facebook page What are your questions? 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information