Presentation is loading. Please wait.

Presentation is loading. Please wait.

Monday, 17 August 2015 Compliance Management, Governance and Benchmarking Strategic security management.

Published byRoss Chase Modified over 9 years ago

Similar presentations

Presentation on theme: "Monday, 17 August 2015 Compliance Management, Governance and Benchmarking Strategic security management."— Presentation transcript:

1 Monday, 17 August 2015 Compliance Management, Governance and Benchmarking Strategic security management

2 C o m p l i a n c e M a n a g e m e n t Compliance ?! EuroSOX® COBIT Sarbanes- Oxley Proprietary standards DS 484:2005 (Danish Standard) ISO 27001 Other FDA ISO9001 Policy Enforcer® PresentationPage 2Monday, August 17, 2015

3 C o m p l i a n c e M a n a g e m e n t The challenge Policy Enforcer® PresentationPage 3Monday, August 17, 2015 Technical IT Corporate Governance Finance Physical security HRR&D 1001101101 0110011010 $ Common reference

4 C o m p l i a n c e M a n a g e m e n t The challenge Policy Enforcer® PresentationPage 4Monday, August 17, 2015  Most organizations have a security policy  Not all are communicated  Some are rooted in top management  Few are audited and enforced  Lack of common reference  Lack of clearly defines responsibilities  Lack of systematic internal audits

5 C o m p l i a n c e M a n a g e m e n t The pain Policy Enforcer® PresentationPage 5Monday, August 17, 2015  Compliance with Law  Compliance with rules and regulations  Compliance with best practices  Comments from external audit  Requirements from board or stockholders  Requirements from customers and partners  Good governance

6 C o m p l i a n c e M a n a g e m e n t Bringing it all together:  Management visions and targets  The processes of the organization  The features of the applications  The design of the infrastructure  Audit and review on all levels  Coherence between targets, processes and IT  Reporting to top management The thread from business to IT Controls Business processes Organization Applications Infrastructure Policy Enforcer® PresentationPage 6Monday, August 17, 2015

7 C o m p l i a n c e M a n a g e m e n t The solution Policy Enforcer® PresentationPage 7Monday, August 17, 2015  One portal for governance and compliance  Generic framework with editable content  Includes international standards  Best practices for security policies  Software built on proven technology  Combines manual and automatic enforcement in one system  Integrates with major vendors of system management  Simple to use and understand  Powerful reports

8 C o m p l i a n c e M a n a g e m e n t Customer benefits Policy Enforcer® PresentationPage 8Monday, August 17, 2015  Ensure compliance with approved policy  Reduce risks by appropriate audits  Improve communication concerning security  Increase internal security awareness  Reduce costs of external audit  Ensure maximum effect of investments

9 C o m p l i a n c e M a n a g e m e n t How it works Auditor Schedule Enforcement Procedures Policies Policy Enforcer ® Framework System Management IBM Tivoli MS SMS HP OpenView CA UniCenter N/A A B C IIS SQL SMTP SysAdmin Admin/User Policy Enforcer® PresentationPage 9Monday, August 17, 2015

10 C o m p l i a n c e M a n a g e m e n t Corporate compliance COMPLIANT NON COMPLIANT COMPLIANT WITH EXEPTIONS Policy Enforcer® PresentationPage 10Monday, August 17, 2015

11 1. Gather available information 2. Define the policy and anchor it in the organization 3. Define the important procedures 4. Define audits on the critical procedures 5. Perform the first audits 6. Present your first compliance report C o m p l i a n c e M a n a g e m e n t The process Policy Enforcer® PresentationPage 11Monday, August 17, 2015 Six steps to compliance

12 C o m p l i a n c e M a n a g e m e n t The cost Policy Enforcer® PresentationPage 12Monday, August 17, 2015  Policy Enforcer® with ISO 27001 content Organisation management Policy & Procedure Manual enforcement Automatic enforcement Basic reporting Extended reporting Data content control Features ME editionEnterprise editionStandard edition                 £ 5,900£ 9,900£ 24,900

13 C o m p l i a n c e M a n a g e m e n t The cost Policy Enforcer® PresentationPage 13Monday, August 17, 2015  Typical Policy Enforcer® solution startup Also featured as SaaS (Software-as-a-Service) online. Policy Enforcer® Software£ 9,900 Software maintenance 1 year (20%)£ 1,980 Installation and setup (partner)£ 1,900 Policy Creator project (partner)£ 5,900 - additional site is +10% Products & Services £ 19,680

14 C o m p l i a n c e M a n a g e m e n t Facts Policy Enforcer® PresentationPage 14Monday, August 17, 2015  Developed in C#  Require.NET 1.1 or later  Require SQL server  Running on IIS on Windows 2003 server  Uses generic SMTP for email  Supports Internet Explorer 5.5 and later  Integrates with Tivoli SCM  International language support  Content and UI can be freely modified  Can integrate with most log-files  Tested by Microsoft®

15 C o m p l i a n c e M a n a g e m e n t Policy Enforcer® PresentationPage 15Monday, August 17, 2015  Compliance and Governance are HOT topics  Address top management rather than IT  Get a strategic discussion about security  Total and ongoing security GAP analysis  Increase sales of security software  Package sales of security services  Policy Enforcer® provides a platform for governance and compliance that can be used as a reference for all future security projects. What’s in it for the reseller?

16 C o m p l i a n c e M a n a g e m e n t The link to security software? Policy Enforcer® PresentationPage 16Monday, August 17, 2015 Anti Virus Patch Management ”compliance” System Management Storage Management ”compliance” Storage Management Risk Management Services Policy Enforcer Compliance Management Software IT Security Policy ISO 27001 ILM Patch Management Asset Management Anti Virus Database Management Asset Management

17 C o m p l i a n c e M a n a g e m e n t The company Policy Enforcer® PresentationPage 17Monday, August 17, 2015  Policy Enforcer founded in 2005 by Frederik Helweg-Larsen  Funded by Technological Innovation and the Danish government  Frederik has 16 years of security experience (CISM)  Member of ISSA and ISACA  Customers in Government, Public sector, Private sector and Education  International resellers such as IBM and Deloitte  IBM Business Partner and Microsoft Certified Partner (ISV)

18 C o m p l i a n c e M a n a g e m e n t Contact us Policy Enforcer® PresentationPage 18Monday, August 17, 2015 Policy Enforcer ApS Gregersensvej 1 A DK-2630 Taastrup Denmark Phone: +45 70 20 88 18 www.policyenforcer.dk Frederik Helweg-Larsen CEO, CISM GSM: +45 40 57 68 28 fhl@policyenforcer.dk

19

Download ppt "Monday, 17 August 2015 Compliance Management, Governance and Benchmarking Strategic security management."

Similar presentations

260-994-0659 EzQMS incorporates easy access to your companys: –Quality Manual –Procedures –Corrective and Preventative Action –Work Instructions.

EzQMS incorporates easy access to your companys: –Quality Manual –Procedures –Corrective and Preventative Action –Work Instructions.
Capital Banking Solutions A Fresh Start in Banking Systems By Vantage Business Systems.

Capital Banking Solutions A Fresh Start in Banking Systems By Vantage Business Systems.
Deploying GMP Applications Scott Fry, Director of Professional Services.

Deploying GMP Applications Scott Fry, Director of Professional Services.
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
COBIT - II.

COBIT - II.
Hosted Exchange 2010 Enterprise Grade Email and Collaboration Solutions for Small and Medium Businesses Web Site: www.hallumssystems.com.

Hosted Exchange 2010 Enterprise Grade and Collaboration Solutions for Small and Medium Businesses Web Site:
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in 2009. Acceleratio specializes in developing high-quality enterprise.

Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in Acceleratio specializes in developing high-quality enterprise.
Sarbanes-Oxley Compliance Process Automation

Sarbanes-Oxley Compliance Process Automation
Security Controls – What Works

Security Controls – What Works
DELATUSH SYSTEMS, INC. Presents MB SECURE NETWORK MONITORING AND MANAGEMENT.

DELATUSH SYSTEMS, INC. Presents MB SECURE NETWORK MONITORING AND MANAGEMENT.
Advantages of IT Security Prof. Uldis Sukovskis, CISA Riga Information Technology Institute Secure information exchange in Electronic media Baltic IT&T.

Advantages of IT Security Prof. Uldis Sukovskis, CISA Riga Information Technology Institute Secure information exchange in Electronic media Baltic IT&T.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Centers for IBM e-Business Innovation :: Chicago © 2005 IBM Corporation IBM Project October 2005.

Centers for IBM e-Business Innovation :: Chicago © 2005 IBM Corporation IBM Project October 2005.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
© 2009 IBM Corporation GoPro GoPro Portal Automating Case Management for Enhanced Operational Efficiency, Increased Customer Service and Improved Compliance.

© 2009 IBM Corporation GoPro GoPro Portal Automating Case Management for Enhanced Operational Efficiency, Increased Customer Service and Improved Compliance.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
The Cloud: Demystified Neil Cattermull Frontier Technology.

The Cloud: Demystified Neil Cattermull Frontier Technology.
Discover Transparency COMPAREX SAM2GO

Discover Transparency COMPAREX SAM2GO
© 2001-2012 InLoox ® InLoox PM Web App product presentation The Online Project Software.

© InLoox ® InLoox PM Web App product presentation The Online Project Software.

Similar presentations

Ads by Google