Best Practices and Controls for Compliance and Risk Management

If your enterprise struggles with the challenges associated with implementing, sustaining and improving upon your GRC framework through monitoring and analysis, this program will be beneficial for you. Register now to hear our experts discuss the controls and best practices needed to reduce risk, improve security, sustain compliance and answer your questions live! Join us live on Tuesday, 28 February 2012 for this informative event.

Program

28 February '12 - 8:00am PST / 11:00am EST / 4:00pm GMT

Opening Remarks - Moderator

Marc Vael

Chief Audit Executive

Smals

28 February 2012 - 8am PST / 11am EST / 4pm GMT

COSO Monitoring: Practical Implementation in IT Control Frameworks

During this presentation we will provide a summary discussion of the COSO Model and an overview of COSO's Guidance on Monitoring Internal Control Systems. We will discuss the relevance of the guidance to other governance models, and discuss the Practical Implementation the concepts in the COSO monitoring model specific to - IT Operations - Information Security - Application Change Management - Project Management and Portfolio Management

Kurt Manske

Senior Manager and Technology Consulting Practice Leader

Grant Thornton International Ltd

28 February '12 - 8:45am PST / 11:45am EST / 4:45pm GMT

Make GRC Tools Work for Your Risk Management Program

After completing this session participants will be able to: ■ Learn about how to define the right RFP requirements for the GRC ■ Integrate risk management, compliance and audit activities into a unified GRC tool ■ Prepare strategies for streamlining the process and reducing costs associated with global trade regulatory compliance ■ Get key technical insight into how to plan and prepare your organization for a new implementation

Bobby Singh

Director of Information Security & Risk Management

Rogers Communications (RCI)

28 February '12 - 9:30am PST / 12:30pm EST / 5:30pm GMT

The importance of deploying continuous business controls monitoring for compliance & operational risk management

Susan Stapleton

VP Customer Advisory

Greenlight Technologies

28 February '12 - 10:15am PST / 1:15pm EST / 6:15pm GMT

Automating IT Data Collection and Compliance for GRCM Controls

In order to function, a GRCM platform requires extensive data input from throughout the enterprise. The GRCM must establish if IT controls should be absent or present, and whether existing IT controls are compliant or non-compliant. Since most of the controls in a GRCM relate to process, operations, and management, their related data are usually captured via questionnaires that are manually completed by staff and entered into the system. Manually capturing data is appropriate for those controls, but it cannot scale to address technical controls. A typical large enterprise can have thousands, tens of thousands, or even hundreds of thousands of global IT assets in scope, so automation becomes a mandatory requirement for discovering these assets, identifying their owners, evaluating their state of configuration, and ensuring that configurations conform to policy. This session will explore complementary solutions that augment Gartner’s eight core functions of IT GRCM and related automation capabilities by integrating functionality into the legacy IT GRCM solutions.

Matthew Alderman

Director, Product Management

Qualys, Inc.

28 February '12

CPE Quiz

This e-Symposium qualifies for 3 CPE points. To obtain CPE credit, members must download and listen to all event presentations and successfully complete a CPE quiz. To access the quiz, click the CPE button at the top of this page or click the Play button below.