Novell Compliance Management Platform Update CMP & CMP Extension for SAP Environments Leo Castro Product Marketing Manager Patrick Gookin.

Slides:

Advertisements

Similar presentations

What’s New for 2013 Steve Allen CEO, iDatix Corproation.

Advertisements

Ninth Lecture Hour 8:30 – 9:20 pm, Thursday, September 13

1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.

HP Quality Center Overview.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

A Federated Approach to Systems Management Todd Nugent Mike Huffstatler Sr. Product Specialist Systems Engineer.

ITIL: Service Transition

SACM Terminology Nancy Cam-Winget, David Waltermire, March.

Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.

A Presentation for the Enterprise Architect © 2008 IBM Corporation IBM Technology Day - SOA SOA Governance Miroslav Petrek IT Software Architect

© 2004 Visible Systems Corporation. All rights reserved. 1 (800) 6VISIBLE Holistic View of the Enterprise Business Development Operations.

Refresh, V.10, July 2, 2010 Name Title, Date Copyright © 2011 Infor. All rights reserved. INFOR – A LOOK INTO THE FUTURE NameJamie Bridgman TitleAccount.

Rick Killpack Senior Product Manager Identity and Security Novell, Inc. sample for a picture in the title slide SAP and Novell: Extending IT Governance.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Realising the Potential of Service Oriented Architecture Kris Horrocks Connected Systems Division Microsoft.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Accounts Payables Invoice Automation for SharePoint.

Release & Deployment ITIL Version 3

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Governance, Risk, and Compliance Bill Greene Senior Industry Director.

The Integration Story: Rational Quality Manager / Team Foundation Server / Quality Center Introductions This presentation will provide an introduction.

Salesforce Change Management Best Practices

Getting Smarter with Information An Information Agenda Approach

A Balancing Act Between Risk Appetite and Risk Tolerance Federal Information Systems Security Educators’ Association Conference March 2005 Ezra Cornell.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

The Evergreen, Background, Methodology and IT Service Management Model

Online | classroom| Corporate Training | certifications | placements| support CONTACT US: MAGNIFIC TRAINING INDIA USA :

Sample for a picture in the title slide SAP and Novell Collaborate on Comprehensive, Integrated Governance, Risk, and Compliance Solutions.

ETICS2 All Hands Meeting VEGA GmbH INFSOM-RI Uwe Mueller-Wilm Palermo, Oct ETICS Service Management Framework Business Objectives and “Best.

EMI INFSO-RI SA2 - Quality Assurance Alberto Aimar (CERN) SA2 Leader EMI First EC Review 22 June 2011, Brussels.

11g SOA and BPM Real-Time business visibility Business process efficiency Simplify operational environment Manage increasing event and service volumes.

Auditing Information Systems (AIS)

CONNECT Roadmap Draft version as of February 4 th,

DESIGNING A LONG-TERM INTEGRATION ARCHITECTURE FOR PROVISIONING TNC May 2007, Copenhagen Aida Omerovic Scientist & project manager – UNINETT FAS,

The Minnesota State Colleges and Universities system is an Equal Opportunity employer and educator. Information Technology Enterprise Strategic Investment.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Unlocking the Business Value of Information for Competitive Advantage

Example Incident Mgmt Initiation No recording of Incidents Users can approach different departments Solutions of previous incidents are not available.

SAP Identity Management 7.2 Implementation

BUSINESS USER MONITORING OBSERVEIT 5.8. Firewall IDS IAM SIEM Business Users IT Users USERS ARE GATEWAYS OF RISK Contractors Systems AppsData.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 1 Automate your way to.

Software Project Management (SEWPZG622) BITS-WIPRO Collaborative Programme: MS in Software Engineering SECOND SEMESTER /1/ "The content of this.

Rod Fontecilla, Ph.D. Vice President Application Services Nov 2015 Deploying Applications Using DevOps.

Rational Unified Process Fundamentals Module 4: Core Workflows II - Concepts Rational Unified Process Fundamentals Module 4: Core Workflows II - Concepts.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Oracle’s EPM System and Strategy

The Service Monitoring and Control Toolkit 1 Protect your business with an effective alert management system and high service availability.

Aligning Business Process Architecture and Enterprise Architecture: A Model Driven - Service Oriented Approach Chris Capadouca Business Solutions Architect.

Introducing Novell ® Identity Manager 4 Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/ (14pt)

SG SCM with MKS scmGalaxy Author: Rajesh Kumar

Notes accompany this presentation. Please select Notes Page view. These materials can be reproduced only with written approval from Gartner. Such approvals.

Cisco Consulting Services for Application-Centric Cloud Your Company Needs Fast IT Cisco Application-Centric Cloud Can Help.

Building a Sound Security and Compliance Environment for Dynamics AX Frank Vukovits Dennis Christiansen Fastpath, Inc.

Chicago Dashboard and Xcelsius Roadmap © SAP 2008 / Page 1.

1© Copyright 2016 EMC Corporation. All rights reserved. VIEWTRUST SOFTWARE OVERVIEW RISK MANAGEMENT AND COMPLIANCE MONITORING.

IDC Says, "Don't Move To The Cloud" Richard Whitehead Director, Intelligent Workload Management August, 2010 Ben Goodman Principal.

Forrester and Novell Novell ® Identity Manager 4 Webcast I Insert Presenter's Name (16pt) Insert Presenter's Title (14pt) Insert Company/ (14pt)

Viewtrust software overview

ITIL: Service Transition

Citrix: Proactively Addressing Enterprise Wide Access Compliance with SAP® Access Violation Management Company Citrix Systems Inc. Headquarters Ft. Lauderdale,

Governance, Risk, and Compliance Bill Greene Senior Industry Director

EOB Methodology Overview

SAP Access Violation Management by Greenlight

Making Information Security Manageable with GRC

SAP GRC EOH GRC Solutions Divisional divider Option 1.

Design Secure & Compliant Roles for Oracle ERP & HCM Cloud

EOH GRC Accelerator Business Challenges Solution Overview

Presentation transcript:

Novell Compliance Management Platform Update CMP & CMP Extension for SAP Environments Leo Castro Product Marketing Manager Patrick Gookin Product Manager

© Novell, Inc. All rights reserved. 2 Agenda CMP Automation Validation Continuous Compliance CMP & CMP/SAP Roadmap CMP 1.0 SP2 SAP SAP Lab Status Orion - CMP for SAP 2.0 CMP 2.0 Themes Questions

CMP & Continuous Compliance

© Novell, Inc. All rights reserved. 4 Automation and Validation Supporting Governance, Risk Management, and Compliance

© Novell, Inc. All rights reserved. 5 Solutions Compliance Management Platform Industry Leading Modular Product Offerings Tightly integrated compliance and governance solutions Novell ® Access Manager Novell ® Identity Manager Novell ® Sentinel ™

© Novell, Inc. All rights reserved. 6 Infrastructure GRC Software IT Continuous Controls Monitoring IT GRC Management Information GRC Management Access Control / Segregation Of Duties Analysis IT Security Compliance Audit and Analysis Change Audit and Analysis Database Audit and Analysis Source: IDC’s Worldwide Governance, Risk, and Compliance Infrastructure Taxonomy, 2010 IDC defines an “infrastructure GRC packaged software ecosystem” within which Novell has some coverage Areas of Novell coverage (Q2 2010)‏

© Novell, Inc. All rights reserved. 7 © SAP 2008 / Page 7 Novell ® and SAP Help Customers Drive to Integrated Excellence and Achieve the Right Balance of Controls and Processes Drive continuous compliance Provide clear visibility to the business Full Business Visibility –Enterprise risk- driven business decisions –Risk mitigation and remediation –Mapping of risks that affect business objectives –Clear visibility to the enterprise of business/IT processes and policies Full Business Visibility –Enterprise risk- driven business decisions –Risk mitigation and remediation –Mapping of risks that affect business objectives –Clear visibility to the enterprise of business/IT processes and policies Integrated Excellence Fully integrated processes and policies bringing clear visibility to impact on business objectives Risk management Security management Process management Access management Integrated “out-of- box” policies, processes and best practices Business Governance –Optimize access policies –Preventative controls –Policy automation –Access visibility –Map access to process compliance –Real-time event monitoring Business Governance –Optimize access policies –Preventative controls –Policy automation –Access visibility –Map access to process compliance –Real-time event monitoring Continuous Compliance Identity / security integration with access controls Tight integration with access control and identity management Unsustainable –Limited awareness of risks and controls –Manual processes Unsustainable –Limited awareness of risks and controls –Manual processes Reactive Spreadsheets Manual documentation Siloed compliance infrastructure

© Novell, Inc. All rights reserved. 8 © SAP 2008 / Page 8 SAP Roles-Rules-Policy Health Check Integrated Novell-SAP GRC Access Control Pilot Integrated Novell-SAP ERP Pilot Access Certification Assessment SAP ID and Entitlement Health Check Wedge OfferVision Offer Typical Deal Sizes $750k + Services ($500k from Novell CMP)‏ ($250k from SAP AC)‏ (Deloitte services based on scope criteria)‏ $1.25 million + Services ($500k from Novell CMP)‏ ($750k from SAP AC, PC, RM)‏ (Deloitte services based on scope criteria)‏ Solution Compliance Management Platform (CMP)‏ Compliance Management Platform Access Control Process Control Enterprise Risk Management Audience Current Novell IdM customers May or may not have SAP already deployed Existing Deloitte, Novell, and SAP installs Current Novell IdM customers Non-SAP GRC customers SAP-Deloitte shelfware customers Sales Message Up-sell existing Novell IdM customer base through convergence of CMP & GRC Further the vision of full business risk visibility through Novell & SAP GRC solutions SAP – Novell – Deloitte Joint Offerings

Roadmap

© Novell, Inc. All rights reserved. 10 Overall CMP Roadmap Current Offering CMP CMP extensions for SAP environments: Access Control integration Q Q H H 2011 Orion CMP extensions for SAP environments: Process Control and Risk Management Integration CMP 2.0 IT Continuous Compliance Platform IT Compliance Manager CMP 1.0 SP2 IDM 4.0 Support Sentinel 6.2 NAM 3.1.2

CMP 1.0 SP2

© Novell, Inc. All rights reserved. 12 CMP 1.0 SP2 Q Product Upgrade Release IDM 4.0 Support Sentinel 6.2 AM 3.1.2

CMP Extension for SAP Environments

© Novell, Inc. All rights reserved. 14 CMP SAP Lab Status Novell SAP Lab Kudos to Holger Dopp & Rick Moore Completing SAP Application Configuration Building out the initial Use Cases Purpose: Engineering support Demo recording capabilities VM Template capability NODS Lab Must aquire hardware Establish maintenance/support

© Novell, Inc. All rights reserved. 15 Orion - CMP SAP 2.0 Q Expanded SAP GRC Support SAP GRC Process Control SAP GRC Risk Management SAP GRC Access Control Enhancements Bug fixes/enhancement requests

© Novell, Inc. All rights reserved. 16 SAP GRC Process Control Integration Integration with SAP BusinessObjects Process Control Development of Process Control Alert Adapters Occurrence of High-Risk Activities Occurrence of Process Violations Occurrence of Critical System Outages Development of Automated Mitigation Controls Restart Identity Services Roll-back of Improper Data Changes Account Locking Scenario Development and Documentation

© Novell, Inc. All rights reserved. 17 SAP GRC Risk Management Integration Key Risk Indicator Components CMP KRI Gateway Driver IT-related KRIs KRI Dashboards KRI Reports Integration with SAP BusinessObjects Risk Management Implementation of Event-Based KRI Interfaces Scenario Development and Documentation

© Novell, Inc. All rights reserved. 18 Novell IT Key Risk Indicator Examples Risky Behavior Indicators Bad Login Attempts Password Changes Authorization Changes IT Performance Indicators Metrics for System Availability Workflow Run-Times Provisioning / Deprovisioning Statistics Monitor the Need for, and Effectiveness of, Controls Identify Out-of-Policy Administration Activity Verification of Performance of Control Tasks

CMP 2.0 Themes

© Novell, Inc. All rights reserved. 20 CMP 2.0 Themes Unified Compliance Framework IT Risk Management Framework KRI Gateway IT Risk Assessment Content Packaging Framework Flexible Product Bundling

© Novell, Inc. All rights reserved. 21 Unified Compliance Framework Fo

© Novell, Inc. All rights reserved. 22 IT Risk Management IT Risk Assessment IT Risk Dashboard KRI Support KRI Gateway KRI Modeling and Implementation

© Novell, Inc. All rights reserved. 23 Content Packaging Framework Package, Deploy and Maintain Solutions IDM Policies Sentinel Correlation Rules Reports Role Models Workflow Definitions KRI Definitions Implementations of IT Controls SI Solution Delivery

© Novell, Inc. All rights reserved. 24 Flexible Product Bundling Core product bundle Focus on Continuous Control Monitoring Support for extensions (ie SAP)‏ Compliance support for any product combination

Questions?