Confidential Data Upgrade from 8.x to 9.0.

Presentation transcript:


Speaker
Michael Stutz - Consultant
22 years of IT industry experience
15 years of PeopleSoft experience
PeopleSoft v.2.11 – v.9.0
Mostly Technical but some Functional
Primary: HRMS / Payroll / Benefits
Recently: Campus Solutions... also some CRM and Financials
Numerous International Banks
Very Large Corporations
Very Small Companies

Agenda
Who – Whose data is it anyway?
What – Elements of Concern
Why – Driving Factors
How – Protection in Action
Where – Environments
When – & When Not to!
Tools – Secure, Separate, Scramble
Questions & Answers

WHO – Has Information
Applications
  o HRMS / Payroll / Benefits
  o Campus Solutions (Student Admin / Financials / Aid)
  o Financials (GL / AP / AR / etc.)
  o Customer Relationship Management (CRM)
Departments or Parts of the Organization
  o IT
  o Call Centers
  o Marketing
  o Sales and Sales Operations
  o HR / Payroll / Benefits
  o Legal
  o Finance and Accounting
  o Research and Development

WHO – Needs Access
Management
  o Department Heads (Corporate)
  o Managers with Direct Reports (Line Managers)
Back Office
  o Human Resources / Payroll / Benefits
  o Accounting
  o Corporate Dashboards and Reporting
IT
  o Developers
  o Database & Systems Administration
  o IT Management
Interfaces to Other Organizations

WHO – Is Responsible
Management
  o Department Heads (Corporate)
  o Managers with Direct Reports (Line Managers)
Back Office
  o Human Resources / Payroll / Benefits
  o Accounting
  o Corporate Dashboards and Reporting
IT
  o Developers
  o Database & Systems Administration
  o IT Management
Interfaces to Other Organizations
Keep Needs, Access, & Responsibility Synchronized

WHAT
Elements of Concern
  o Intellectual Property
  o Business Confidential Information
  o Customer and Consumer Data
  o Employee Data
Motion
  o At Rest
  o In Transit within Organisation
  o In Transit on the WWW

WHAT
Intellectual Property
Business Confidential
  o Business Strategy
  o Project & Costing
  o Marketing Plans
  o Budgets and Forecasts

WHAT
Customer & Consumer
  o Key Accounts
  o Contact Information
  o Product or Service Issues
  o Contracts

WHAT
Employee Data
  o Social Security Numbers
  o Dates of Birth
  o Pay Information
  o Health Care Information
  o Dependants & Dependant Information
  o Company Structure & Internal Contacts

WHY Risks Internal to Organization Employee Negligence Malicious Employees Business Processes Risks External to Organization Hackers / Theft (Laptops, USB Drives, etc.) Competition Sarbanes & Oxley / Basel I & Basel II

WHY Costs Confidentiality Legal Issues Loss Competitive Edge Employee Compensation Issues Sarbanes & Oxley Responsibility of Corporations Basel I & Basel II Responsibility of Banks Risk Management

WRITE THIS DOWN...

WHY (SOX) Risk Assessment Control Environment Culture based on Awareness & Integrity Keeping Balance: “What is our Business?” Control Activities Monitoring / Auditing Information and Communication

Half Way There!

HOW (steps)
Create the Culture
Define Data Types
Identify Who is Responsible and Accountable
Reduce Access
Maintain Controls
Maintain Culture
Test

HOW - Create the Culture
Addressed at All Levels of Organization (Vertical)
Addressed across Corporation (Horizontal)
Support of Upper Management (Top Down)
Keep the Balance (Mind Your Business!)
Cost / Benefit / RISK
  o Money in your Mattress?
  o Day-trading Penny Stocks?

HOW - Define Data Types
What is Confidential Data?
How do I Classify my Data?

HOW - Responsible & Accountable
Identify those Responsible
Identify those Accountable
Identify those who need access
Designate Authority Accordingly
Ensure Responsibility, Accountability, and Authority are properly balanced and applied.

HOW – Reduce Access Reduction of Access Departmental Segregation Within IT Balanced against Cost Balanced against Effectiveness Balanced against Trust

HOW – Maintain Controls Access to Data Application Security Database Security Network Security Where is my Data? Laptops PDAs Internal / External

HOW – Maintain Culture Security Awareness Across The Organization Vertically within Organization KEEPING THE BALANCE!

HOW - Test Audit Ask! White Hat Trigger Monitoring Tools Triage Scenarios MIND YOUR BUSINESS

WHERE PRODUCTION STAGING TEST DEVELOPMENT VANILLA TRAINING

WHERE PRODUCTION STAGING TEST DEVELOPMENT MODS

WHERE PRODUCTION STAGING TEST DEVELOPMENT DATA

WHERE PRODUCTION TRAINING METADATA DATA

WHERE PRODUCTION TRAINING FOUNDATION CONFIDENTIAL Data Scrambler Mockup Data GENERAL DATA

WHEN
Review the Who...
  o Database Administrators
  o System & Network Administrators
  o Developers
  o Management
  o Back Office

WHEN
  o Database Administrators
      - Have Access. Period.
  o System & Network Administrators
      - No Application Access
      - Any and All Reports
  o Developers
      - Negotiable!
  o Management – Application Security
  o Back Office – Application Security

WHEN - Developers Cost / Benefit / Risk How Many Developers Organization of Developers Production Support Modifications & Testing Database Access

WHEN - Developers PRODUCTION STAGING TEST DEVELOPMENT DATA

Tools (types)
Secure
  Database
  Application
Separate
  Applications (HR & Financials)
  Roles (Centralized vs Normalized)
  Environments (TST, DEV, TRN)
Scramble
  Select Environments
  On the Fly

TOOLS - Separate
Identify Data Types
  o SSN
  o DOB
  o Compensation
      - Department (Name & EMPLID Scrambled)
Identify Records (Boeing / Princeton)
  o EMPLID
  o Compensation
      - Paycheck (Not keyed by EMPLID)

WRITE THESE DOWN... (Presentation & Resume) (RBAC & FURBAC) (Johan Bethlehem)

Questions Contact Information: Michael Stutz (888)