Best Practices and Controls for Compliance and Risk Management

During this presentation we will provide a summary discussion of the COSO Model and an overview of COSO's Guidance on Monitoring Internal Control Systems. We will discuss the relevance of the guidance to other governance models, and discuss the Practical Implementation the concepts in the COSO monitoring model specific to - IT Operations - Information Security - Application Change Management - Project Management and Portfolio Management

After completing this session participants will be able to: ■ Learn about how to define the right RFP requirements for the GRC ■ Integrate risk management, compliance and audit activities into a unified GRC tool ■ Prepare strategies for streamlining the process and reducing costs associated with global trade regulatory compliance ■ Get key technical insight into how to plan and prepare your organization for a new implementation

Every key business process in an organization is reliant on and driven by technology. The importance of having effective controls to monitor user access, transactional integrity and detect fraud is critical to ensure compliance with regulations and industry mandates, as well as stopping operational losses. With the speed of business today, using manual detective controls will not provide an organization enough assurance that business risks, compliance failures or operational shortfalls won’t occur. Forward thinking organizations that implement automated, real-time business controls for monitoring user misuse of access and transactional activities are realizing substantial business benefits in terms of compliance efficiencies, reduction of inherent risk and the elimination of operational losses. This session will discuss the business drivers behind implementing a comprehensive, automated business control monitoring approach that enables organizations to evolve their business control frameworks from detective, period-based controls to real-time preventative controls and then to predictive controls driven by data analytics.

Abstract: The explosion of mobile technology in recent years represents a boon to end users and a bane to information security professionals. Mobile devices in the workplace run the gamut of risks, from physical to network to data to legal & regulatory. This presentation will cover risk management methodologies and practical methods for applying risk mitigation techniques within your organization.

This e-Symposium qualifies for 3 CPE points. To obtain CPE credit, members must download and listen to all event presentations and successfully complete a CPE quiz. To access the quiz, click the CPE button at the top of this page or click the Play button below.