Presentation is loading. Please wait.

Presentation is loading. Please wait.

Stanko Cerin Ostendo Consulting

Published bySolange Ruel Modified over 5 years ago

Similar presentations

Presentation on theme: "Stanko Cerin Ostendo Consulting"— Presentation transcript:

1 Stanko Cerin Ostendo Consulting
Cloud Platform for Designing Corporate System of Risk Management in Insurance Cloud platforma za izgradnju korporativnog sustava upravljanja rizikom Stanko Cerin Ostendo Consulting

2 20 minuta Da li je upravljanje rizikom moguće pružiti iz clouda?
Što nam zapravo treba? Šro se nudi?

3 Rizici upravljanja rizikom IZ CLOUDA
DISASTER RECOVERY Rasprava: RIZICI vs PREDNOSTI PERFORMANSE CIJENA POUZDANOST CURENJE PODATAKA

4 Osiguravateljna industrija IMA SPECIFIČNE PROBLEME
Rasprava: Kako provesti IT reviziju clouda? Kako zadovoljiti regulatora?

5 GARTNER PRIMJENJIVOST MAGIC QUADRANT RJEŠENJA U REGIJI
Thomson Reuters RSA Archer IBM Open Pages Nasdaq BWise SaaS ili ne pitanje je sad

6 Što nam zapravo treba? Studija 23 društva iz regije

7 CONTROL WHAT YOU CAN WWW.DELPHIIS.COM Meaningful Use PCI DSS SOX FFIEC
SSAE 16 ISO 27001/2 HITECH GLBA NIST COSO HIPAA EU Safe Harbor ITIL COBIT

8

9

10 SONAR Create an assessment from existing template
Step 1. Create Create an assessment from existing template Create an assessment from scratch Step 2. Assign Assign to responders Independent or Split Responses Step 3. Report Generate report Step 4. Review Submit findings report for review/comment Step 5. Finalize Publish report Generate Remediation Roadmap

11 Step 4. Managed Execution
PROPULSION Step 1. Define Projects Create from findings report Input manually Step 2. Choose Criteria Choose issues most relevant to the business Step 3. Prioritize Prioritize based on criteria Step 4. Managed Execution Manage high-level project dashboard Report back to assessor

12 Vizualizacija Upravljanje sukladnošću Upravljanje revizijom Upravljanje rizikom Katalog kontrola Upravljanje kontinuitetom poslovanja

13 CLOUD or LOCAL Problem upravljanja rizicima, sukladnošću, revizijom...
Traže se veliki resursi Dedicirani ljudi Integracija sa ključnim ploslvnim procesima Često prikupljanje raznih podatka Smisao GRC platformi – automatizacija prikupljanja i obrade podataka iz IS-a organizacije – KAKO IZ CLOUDA?

14 Magic quadrant rješenja
>300 k$ (50% licence + 50% implementacija) SaaS može početnu investiciju umanjiti za cca 30% Jako kompleksna i uvijek nedostaje baš modul koji nam treba Delphiis Odličan za fazu usklađivanja Ograničen u kasnijoj primjeni Eramba Dobra podloga za tvrtku sa snažnim developerskim timom Ne podržava postupak usklađivanja Naše USA iskustvo (Delphiis i...) Amgen – SharePoint + service desk in private cloud Sony – SharePoint + SD outsourced private cloud Stanford University – SharePoint + SD outsourced private cloud

15 Hvala

Download ppt "Stanko Cerin Ostendo Consulting"

Similar presentations

Agenda What is Compliance? Risk and Compliance Management

Agenda What is Compliance? Risk and Compliance Management
SCVMM 2008 R2 i Self Service Portal na pravi način Romeo Mlinar Ekobit d.o.o.

SCVMM 2008 R2 i Self Service Portal na pravi način Romeo Mlinar Ekobit d.o.o.
G R C The Science of Compliance ® ®. Craig Isaacs CEO, Unified Compliance Framework The world's largest and most reviewed legal framework. 2.

G R C The Science of Compliance ® ®. Craig Isaacs CEO, Unified Compliance Framework The world's largest and most reviewed legal framework. 2.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
200 International Dr., Buffalo, NY 14221-5794 (716) 634-8800 Lifting the Fog to See the Cloud Information Security.

200 International Dr., Buffalo, NY (716) Lifting the Fog to See the Cloud Information Security.
MICROSOFT CONFIDENTIAL. Presentation Goals Excel Server 2007 Bit Locker.

MICROSOFT CONFIDENTIAL. Presentation Goals Excel Server 2007 Bit Locker.
Frameworks, Standards and Regulations IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA, MS, CIA, CISA, CISSP)

Frameworks, Standards and Regulations IT Auditing and Cyber Security Spring 2014 Instructor: Liang Yao (MBA, MS, CIA, CISA, CISSP)
Bill McClanahan – Principal Business Consultant LPS Integration.

Bill McClanahan – Principal Business Consultant LPS Integration.
Cloudy Weather: How Secure Is the Cloud? David Aiken Windows Azure Microsoft Corporation.

Cloudy Weather: How Secure Is the Cloud? David Aiken Windows Azure Microsoft Corporation.
Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.

Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.
Vulnerability Management Dimension Data – Tom Gilis 24 November 2011.

Vulnerability Management Dimension Data – Tom Gilis 24 November 2011.
Enterprise Risk Management & IT Compliance March 30, 2010 Presented by: Ken Rowe, Director Enterprise Systems Assurance & Chief Security Officer University.

Enterprise Risk Management & IT Compliance March 30, 2010 Presented by: Ken Rowe, Director Enterprise Systems Assurance & Chief Security Officer University.
Roadmap to Maturity FISMA and ISO 2700x. Technical Controls Data IntegritySDLC & Change Management Operations Management Authentication, Authorization.

Roadmap to Maturity FISMA and ISO 2700x. Technical Controls Data IntegritySDLC & Change Management Operations Management Authentication, Authorization.
Storm Clouds Kenneth R. Ledger Director, Risk Management.

Storm Clouds Kenneth R. Ledger Director, Risk Management.
Working with HIT Systems

Working with HIT Systems
- Back to the beginning - Simply put – SOX - accountability - internal framework - effectiveness of controls - attestation IT Control Objectives for SOX.

- Back to the beginning - Simply put – SOX - accountability - internal framework - effectiveness of controls - attestation IT Control Objectives for SOX.
GRC: Aligning Policy, Risk and Compliance

GRC: Aligning Policy, Risk and Compliance
1Info-Tech Research Group Vendor Landscape: eGRC Solutions Info-Tech Research Group, Inc. Is a global leader in providing IT research and advice. Info-Tech’s.

1Info-Tech Research Group Vendor Landscape: eGRC Solutions Info-Tech Research Group, Inc. Is a global leader in providing IT research and advice. Info-Tech’s.
Presenter Gene Geiger, A-LIGN Partner -HITRUST Practitioner -CPA -CISSP -CCSK -QSA -PCIP -ISO 27K LA.

Presenter Gene Geiger, A-LIGN Partner -HITRUST Practitioner -CPA -CISSP -CCSK -QSA -PCIP -ISO 27K LA.
1© Copyright 2016 EMC Corporation. All rights reserved. VIEWTRUST SOFTWARE OVERVIEW RISK MANAGEMENT AND COMPLIANCE MONITORING.

1© Copyright 2016 EMC Corporation. All rights reserved. VIEWTRUST SOFTWARE OVERVIEW RISK MANAGEMENT AND COMPLIANCE MONITORING.

Similar presentations

Ads by Google