jeff kushner trends in grc management
DESCRIPTION
TRANSCRIPT
www.modulo.com
Modulo Leadership
• 25+ years experience in IT security and GRC management– 300% US growth (09-10)– Over 400 employees world-wide
• Global Leader- Automated GRC Management Solutions – Nine-year of development, a mature product
• Active member of evolving GRC standards– ISO 27001, ISO 31000, PCI SVA & Shared Assessments/Bits Initiative
• 1st company in the world to obtain ISO 27001 certification– ISO 9001 certified since 1998
www.modulo.com
Complexity and Risk Continue to Increase
Source: An Executive View of IT Governance,IT Governance Institute
www.modulo.com
Constant Change
• Regulations• Polices• People• Processes• Technology
People
Technology
ProcessPolicy
Process
Policy
Technology
People
Process
Technology
www.modulo.com
Fragmented Approach to GRC Management
People Technology
ProcessFacility
People Technology
ProcessFacility
People Technology
ProcessFacility
• No common platform
• Lack of automation
• Little Consistency
• Limited visibility
www.modulo.com
Automation, Practice and Policy in Information Security for Better Outcomes, IT Policy Compliance Group
www.modulo.com
Automation, Practice and Policy in Information Security for Better Outcomes, IT Policy Compliance
Group
www.modulo.com
Global survey into the integration of governance,risk and compliance, KPMG
www.modulo.com
Global survey into the integration of governance,risk and compliance, KPMG
www.modulo.com
IT Balancing Enterprise Risk and Reward, Aberdeen Group
www.modulo.com
IT Balancing Enterprise Risk and Reward, Aberdeen Group
www.modulo.com
Beyond Demonstrating Compliance, Aberdeen Group
www.modulo.com
Beyond Demonstrating Compliance, Aberdeen Group
www.modulo.com
Value of a CommonArchitecture for GRC Platforms, Michael Rasmussen
• The goal: An enterprise view of risk and compliance on a common architecture
• The Value: A common architecture relieves the GRC burden on the business– Disconnected risk and compliance processes
introduce greater exposure– Manual processes drive inefficiency and raise GRC
costs– GRC, done right, delivers efficiency and value to the
organization
www.modulo.com
Value of a CommonArchitecture for GRC Platforms, Michael Rasmussen
• Foundations of a GRC Technology Architecture– A common user interface (screen design) for all
applications– A common workflow engine throughout the applications– A common security model to protect applications and data– A common programming language used to build the
applications– A common database used to run the applications– A common enterprise architecture (a method for
describing the departments and divisions within the organization)
www.modulo.com
References
• http://www.itgi.org/• http://www.itpolicycom
pliance.com/• http://www.kpmg.com/
Global/en/IssuesAndInsights/ArticlesPublications/Pages/The-convergence-challenge-Global-survey.aspx
• http://www.modulo.com/research/ (Aberdeen Reports)
• http://www.corp-integrity.com/
www.modulo.com
ModuloThe Company
www.modulo.com
Example of Modulo Clients
South Carolina Department of Health and Human Services
www.modulo.com
Modulo GRC Metaframework
www.modulo.com
The Modulo Advantage
• Automate the manual fragmented approach to GRC management
• Comply with multiple regulations
• Lower IT and enterprise risk
• Reduce cost of people resources and IT infrastructure overhead
• Know where you stand quicker = ROI
www.modulo.com