        SUNIL KOHLI
          Indian Defence Accounts Service
    Joint Secretary And Financial Adviser
   National Disaster Management Authority,
        Ministry Of Home Affairs,
                     India

    “Rebuilding Corporate Trust:
The Essential Role Of IT Governance”
        11th November 2010

  Broad Outline: Context
• Government, Public Sector Organizations and
Corporates are the biggest entities that affect the
lives of citizens and consumers.
• Transparency, Risk and Compliance are the main
attributes to ensure Accountability and Corporate
Social Responsibility.
• Leveraging of Technology by these entities will
ensure the rebuilding of Public Trust in these
organizations.

    Broad Outline: Role of IT
• IT can play an important role in Information Management,
Risk Management, Better Pricing and Accessibility of
Products and Services and bringing about greater
Transparency and ensuring performance.
• In this environment of recession, economic slowdown
and a fast rate of Technological Obsolescence, companies can
drive strategic advantage and overcome competition by
proactive deployment of technology.

Issues for Discussion
• CRISIS OF CORPORATE TRUST
• The Essential Role Of IT Governance
• Proactive Management of IT Governance
  to ensure Corporate Trust & profitability.
• Integrated Governance, Risk
  management, and Compliance (GRC)
  solutions help improve relations with
  stakeholders and, ultimately, facilitate trust

        CEOs “cashed out” prior to
            economic crisis
CEOs at major US financial and real
estate firms converted tens of
millions of dollars of overvalued
stock into cash prior to the eruption
of the current financial crisis.



• Shocking Reality Check
• Collapse of Financial Systems
• Breed Culture of Macho
  Management and Self-interest
• Block Information and Transparency.

        Crisis Of Corporate Trust
• Critical Areas For A More Proactive Approach
  – Greater transparency about business practices.
  – Less risk associated with products and services.
  – Better pricing and accessibility of products and
    services.
  – More emphasis on the development of socially and
    environmentally responsible products and services.

                                 • Based on McKinsey Research

Building Corporate Trust is
Expensive but Makes Business Sense
1. Corporations Need to Rebuild and
   Strengthen Stakeholder Trust
2. Pervasive Fragmentation Complicates the
   Pursuit of Stakeholder Trust
3. Beyond a “License to Operate”: Trust
   Contributes to Competitive Advantage
4. An Integrated Approach to
   Transparency is Essential

1. Corporations Need to Rebuild
and Strengthen Stakeholder Trust

2. Pervasive Fragmentation Complicates
the Pursuit of Stakeholder Trust
• Combating the fragmentation
1. Think and act globally.
   • Geographical, Organizational, and Systems fragmentation complicate the
     problem

2. Bridge corporate silos.
   • In the absence of integration, interactions are at best suboptimal

3. Use technology to improve information flows.
   • Disconnects multiply with the volume and complexity of the information

3. Beyond a “License to Operate”: Trust Contributes
to Competitive Advantage

• Strategic investment in compliance to
  competitive advantage
• Better information management has
  improved business intelligence and
  optimized decision making.
• The essential ingredient of trust:
  Transparency, and specifically Information
  Liquidity, can have a significant business
  impact.

   4. An Integrated Approach to
     Transparency is Essential
• Need to embed the appropriate behaviors
  into the organization’s culture, processes,
  and systems.
• An integrated GRC strategy becomes in
  itself a differentiator.
• Governance and Compliance ensure
  Conformance; Risk management serves to mitigate losses.

    4. An Integrated Approach to
      Transparency is Essential
• Honesty: Access to “true” data.
• Accountability: Accountability ensures that commitments are
  captured and acted upon. Clear lines of responsibility make it
  harder to pass the buck.
• Transparency: The organization can’t be transparent unless it
  has systems that enable the communication of pertinent
  information to stakeholders in an accessible format.
• Integrated GRC leverages your existing information technology
  investments, makes your efforts scalable and enables new types
  of collaboration.

5. Conclusion
• An integrated approach to governance, risk
  management, and compliance has several benefits:
   –   Lower costs; Better leverage of existing investments;
   –   New scale for information sharing initiatives;
   –   Support for new innovations; and
   –   Unprecedented levels of collaboration and coordination.
   –   A holistic approach that marries business considerations with
       stakeholder interests is the right “mantra”.
• Implement an Executive Cross Functional
  Governance Structure

          Distinctive Features Of IT

• Trusted Interface
• Critical Business Enabler
• Competitive and Strategic Differentiator
• Reduces Costs by Optimizing Resources
• Managing risks associated with data security and
  regulatory compliance.
• Integrate different departments and disparate
  internal controls systems

       Distinctive Features Of IT
• Ubiquitous Application
• Dramatic Rate of Cost Decline
• Universal Ownership
• Exponential Growth
• Flexibility and scalability
• Shrinkage of Geographical Distance through
  Networks.
• Revenue Generator
• Cost Cutting Engine

WHY INFORMATION TECHNOLOGY?
• Capable of comprehensive holistic IT Governance approach:
  Bridge Functional Silos.
• Easy to adapt C3I Approach
   – Coordination; Communication; Collaboration; and
     Integration
   – Process of “Mutualism”: Collaborative Decision Making and
     implementation to optimize Performance
• Eliminate Ad Hoc Setup and Human Errors.
• Overcome DRIP Syndrome
• Align IT controls to corporate policies, and corporate policies to
  regulations.

              IT GOVERNANCE

• Definitions
• “Effective IT governance helps ensure that IT
  supports business goals, optimizes business
  investment in IT, and appropriately manages IT-
  related risk and opportunities.”
                                 • IT Governance Institute
• Framework with Structures, Processes & Policies that
  governs how a business makes IT Decisions & who within
  the organization makes them.

      IT GOVERNANCE APPROACH
• A holistic approach to IT governance
  – That encompasses all dimensions of their IT-related
    activities.
  – Spanning all layers of a company’s IT infrastructure
  – Addresses an organization’s entire compliance, risk
    and security requirements using the same toolset.
• Reduce complexity arising from Globalization and
  Proliferation of off-shoring and outsourcing
  arrangements.

            HOLISTIC APPROACH TO
              IT GOVERNANCE
• Enables companies to dynamically manage and monitor
  key IT enabled GRC activities such as:
   – Information Protection and Privacy;
   – Configuration and Change Management; and
   – IT GRC management across multiple business units, geographies
     and IT systems.
• The result is IT governance that is sustainable, cost-
  effective, and better aligned to the strategic and
  operational demands of the business.

             GRC
• AN INTEGRATED APPROACH TO
  MANAGING GOVERNANCE, RISK, AND
  COMPLIANCE
• Drive Business Predictability and
  Stakeholder Confidence

       VULNERABILITY OF
          CORPORATE
• Businesses face unprecedented numbers of
  legal, regulatory, and business partner
  mandates, as well as value chain
  requirements.
• How can you control risk, manage
  effectively, drive performance, and
  ultimately inspire greater stakeholder
  confidence?

      Why An Integrated Approach To
             Managing GRC
• Adopt an integrated strategy and a comprehensive
  GRC solution.
• To Address all regulatory and business related risks and
  achieve compliance at a lower cost.
• To differentiate itself and achieve greater agility by
  optimizing your business processes and using risk
  intelligence for better decision making.

              GRC Discipline
• A Definition of Governance, Risk, and
  Compliance
• Governance manages the strategic directives a
  company wants to follow.
• Risk management assesses the areas of exposure
  and potential impacts.
• Compliance is the tactical action to mitigate risk.

         THE FOUR DEGREES
         OF FRAGMENTATION
• GRC activities are typically fragmented across
  four dimensions:
• Organization
• Systems
• Regions
• Internal GRC disciplines

Organizational Fragmentation

System Fragmentation

         System Fragmentation
• Most businesses lack GRC information integrity
  because governing principles and policies, risk
  measurement, and compliance with regulatory
  mandates are typically supported by departmental IT
  systems.
• Without centralized governance, systems may use
  different metrics, standards, and methodologies for
  analyzing risk and compliance information, making the
  aggregation of data a complex and time-consuming
  task.

         System Fragmentation
• Local process optimization and point solutions
  implemented across the enterprise can further isolate
  information within systems, resulting in a limited
  view of enterprise risk.
• Without an aligned and integrated perspective on
  governance to guide risk profiling and mitigation, you
  can’t effectively monitor compliance and risk and adjust
  business processes to meet changing requirements,
  market trends, and regulatory mandates.

 Regional Fragmentation
Fragmentation by Geography and Jurisdiction

       Regional Fragmentation
• Policies and risks are generally defined and
  measured at the local level, without proper
  consideration for their impact on the global,
  multinational, national, or regional mandates.
• Multitude of jurisdictions can result in tangible
  (financial) and intangible (brand and reputation)
  consequences.

     Internal GRC Discipline
          Fragmentation
Interrelationship Between Governance, Risk, and Compliance Management

The High Cost Of A Fragmented
Approach
• From a pure cost perspective, the status quo is simply
  too expensive to sustain.
• Only with an organizational view of GRC information
  and a comprehensive solution for managing GRC
  across the enterprise can you manage with confidence,
  improve business predictability, and drive higher
  performance.
• A GRC strategy can also be a critical driver of revenue
  and competitive advantage because you can accurately
  assess the risk of various business decisions.

Leverage GRC as a Proactive Business
Optimization Instrument
• The real business value comes from leveraging GRC as a
  proactive management instrument – not just in terms of
  avoiding the costs of noncompliance, but in terms of driving
  revenue and competitive advantage.
• Ultimately, GRC is about seeing the opportunities associated
  with a given business change and placing your organization in
  the best position to capitalize on those opportunities.
• This requires moving toward tightly integrated business
  and IT functions – the key to improving enterprise risk
  awareness and response capabilities, as well as recognizing
  opportunities.

   How GRC Software Can Help
• To Address Fragmentation:
• Systems Fragmentation: Seamless operation within a
  heterogeneous IT landscape, integrating with existing
  legacy systems and providing real-time monitoring of key risk
  indicators and compliance activities.
• Organizational Fragmentation: Standardization
• Regional Fragmentation: Scalable and balanced,
  objective, real-time view of governance (strategy).
• Discipline Fragmentation: Providing real-time
  information to business decision makers.

   How GRC Software Can Help
• The software should also help you plan
  compliance and governance activities so that
  they become an extension of risk management,
  mitigating risks one task at a time.
• This integrated approach, which is driven by risk
  information, also ensures accurate resource
  allocation so that you do not inadvertently
  focus compliance efforts on areas that are
  already strong and overlook hidden areas of
  weakness.

TURNING REGULATORY REQUIREMENTS
INTO STRATEGIC ADVANTAGE
• With a GRC framework and software solution, an
  organization can benefit from the following:
• Increased shareholder value
   – Good governance is reflected in many intangibles,
     including brand and reputation, and it translates directly into
     share price premiums.
• Optimized risk-return portfolios
   – The GRC framework and software solutions provide the
     transparency and insight business decision makers need to
     select (and reject) projects based on risk impact and
     probability relative to potential return.

TURNING REGULATORY REQUIREMENTS
INTO STRATEGIC ADVANTAGE
• Reduced GRC costs
   – Transitioning to an integrated GRC approach significantly
     reduces the number of people, and the amount of time,
     required to control and address risk. For compliance in
     particular, you can trust accurate compliance processes, which
     are enabled by the GRC software solutions.
• Improved business performance and predictability
   – The GRC framework enables transparency across your
     enterprise and beyond. It gives management a systematic
     process for anticipating and controlling risks, and the
     tools to proactively determine proper actions and critical
     tasks, reducing unacceptable performance variability.

TURNING REGULATORY REQUIREMENTS
INTO STRATEGIC ADVANTAGE

• Business sustainability
  – GRC provides a clear path to sustainable
    compliance and risk management, even as
    mandates increase and business models and
    processes become more complex.
• Greater Business Agility
  – GRC leads to greater business agility and
    promotes competitive differentiation.

                        Last word
• An IT governance system is no substitute for real leadership.
• Processes can’t command the attention that executives give to a trusted
  peer.
• Systems alone don’t forge common vision or inspire action.
• Lead IT Governance. Don’t lead by it.
• Strong IT leadership needed to bring coherence to the
  company's fragmented systems.
• Executive teams with a strong IT leader make better,
  faster decisions about technology than do companies
  that rely solely on a governance system—no matter
  how effective it is.

REFERENCE
• Optimize IT performance through optimized decision-making:
  Effective IT governance helps organizations cope with—and leverage—change.
  http://www-01.ibm.com/software/tivoli/governance/action/10022008.html
• IBM IT Governance Approach: Business Performance through IT Execution.
  http://www.redbooks.ibm.com/redbooks/pdfs/sg247517.pdf
• Trust and Competitive Advantage: An Integrated Approach.
  Dan Tapscott, CEO, New Paradigm Learning Corporation.
  http://www.newparadigm.com
• The emerging role of IT governance.
  Lynn M. Mueller, Senior Consultant, Software Group, IBM;
  Andrew Phillipson, IT Specialist, Software Group, IBM.
  http://www.ibm.com/developerworks/rational/library/dec07/mueller_phillipson/index.html#N10293
• Rebuilding Corporate Trust: The emerging Role of IT Governance.
  Oracle GRC White paper, March 2008.
  http://www.oracle.com

SUNIL KOHLI
Indian Defence Accounts Service
Joint Secretary And Financial Adviser
National Disaster Management Authority (NDMA),
and National Disaster Response Force(NDRF),
Government of India, Ministry of Home Affairs, India
 # A-1, Safdar Jung Enclave, Opposite AIIMS Trauma Centre,
New Delhi 110 029
Tel: +91 11 26701709 Office
     +91 11 26180503 Direct
     +91 11 26701715 Fax,
     +91 11 26133298 Residence
     +91 9868151472 Mobile
E Mail: kohlisk@gmail.com
         kohlifandma@gmail.com
         skkohli@ndma.gov.in
Website: www.ndma.gov.in
FACEBOOK: http://www.facebook.com/sunilkumarkohli
Maclear’s IT GRC Tools – Key Issues and Trends
 
Cobit Training course
Cobit Training courseCobit Training course
Cobit Training course
 
Executive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and GovernanceExecutive's Handbook on IT Strategy and Governance
Executive's Handbook on IT Strategy and Governance
 
How to Centre your PCI Programme Around your Business Objective - SureCloud
How to Centre your PCI Programme Around your Business Objective - SureCloud How to Centre your PCI Programme Around your Business Objective - SureCloud
How to Centre your PCI Programme Around your Business Objective - SureCloud
 
Information governance presentation
Information governance   presentationInformation governance   presentation
Information governance presentation
 
Chap. 3 corp. gov. in global operations.ppt.
Chap. 3 corp. gov. in global operations.ppt.Chap. 3 corp. gov. in global operations.ppt.
Chap. 3 corp. gov. in global operations.ppt.
 
"MAINSTREAMING GRC INTO BUSINESS PROCESS"
"MAINSTREAMING GRC INTO BUSINESS PROCESS""MAINSTREAMING GRC INTO BUSINESS PROCESS"
"MAINSTREAMING GRC INTO BUSINESS PROCESS"
 
Nasdaq Corporate Solutions | International Corporate Governance
Nasdaq Corporate Solutions | International Corporate GovernanceNasdaq Corporate Solutions | International Corporate Governance
Nasdaq Corporate Solutions | International Corporate Governance
 
CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)CoBIT 5 (A brief Description)
CoBIT 5 (A brief Description)
 
Information Strategy: Updating the IT Strategy for Information, Insights and ...
Information Strategy: Updating the IT Strategy for Information, Insights and ...Information Strategy: Updating the IT Strategy for Information, Insights and ...
Information Strategy: Updating the IT Strategy for Information, Insights and ...
 
Understanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsUnderstanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor Relationships
 
Need for Action (GDPR Risk Mgmt) Oct'16
Need for Action (GDPR Risk Mgmt)   Oct'16Need for Action (GDPR Risk Mgmt)   Oct'16
Need for Action (GDPR Risk Mgmt) Oct'16
 

Más de SUNIL KUMAR KOHLI, IDAS ndc

Management of Biological Disasters: NDMA GUIDLINES
Management of Biological Disasters: NDMA GUIDLINESManagement of Biological Disasters: NDMA GUIDLINES
Management of Biological Disasters: NDMA GUIDLINESSUNIL KUMAR KOHLI, IDAS ndc
 
“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”
“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”
“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”SUNIL KUMAR KOHLI, IDAS ndc
 
“Examining The Role Supply Chain Best Practices Can Play In Disaster Manage...
“Examining The Role  Supply Chain Best Practices  Can Play In Disaster Manage...“Examining The Role  Supply Chain Best Practices  Can Play In Disaster Manage...
“Examining The Role Supply Chain Best Practices Can Play In Disaster Manage...SUNIL KUMAR KOHLI, IDAS ndc
 
Indo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserIndo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserSUNIL KUMAR KOHLI, IDAS ndc
 
Indo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserIndo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserSUNIL KUMAR KOHLI, IDAS ndc
 
Indo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserIndo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserSUNIL KUMAR KOHLI, IDAS ndc
 
"India's National Disaster Management Authority's (NDMA) initiatives on safet...
"India's National Disaster Management Authority's (NDMA) initiatives on safet..."India's National Disaster Management Authority's (NDMA) initiatives on safet...
"India's National Disaster Management Authority's (NDMA) initiatives on safet...SUNIL KUMAR KOHLI, IDAS ndc
 
Optimising performance through C3I (coordination, collaboration, communicatio...
Optimising performance through C3I (coordination, collaboration, communicatio...Optimising performance through C3I (coordination, collaboration, communicatio...
Optimising performance through C3I (coordination, collaboration, communicatio...SUNIL KUMAR KOHLI, IDAS ndc
 

Más de SUNIL KUMAR KOHLI, IDAS ndc (20)

Quotes on Water
Quotes on Water Quotes on Water
Quotes on Water
 
Incident Response System: NDMA GUIDLINES
Incident Response System: NDMA GUIDLINESIncident Response System: NDMA GUIDLINES
Incident Response System: NDMA GUIDLINES
 
MEDICAL PREPAREDNESS ASPECTS OF DISASTERS
MEDICAL PREPAREDNESS ASPECTS OF DISASTERSMEDICAL PREPAREDNESS ASPECTS OF DISASTERS
MEDICAL PREPAREDNESS ASPECTS OF DISASTERS
 
Management of Biological Disasters: NDMA GUIDLINES
Management of Biological Disasters: NDMA GUIDLINESManagement of Biological Disasters: NDMA GUIDLINES
Management of Biological Disasters: NDMA GUIDLINES
 
CORPORATE GOVERNANCE AND ETHICS
CORPORATE GOVERNANCE AND ETHICSCORPORATE GOVERNANCE AND ETHICS
CORPORATE GOVERNANCE AND ETHICS
 
CORPORATE GOVERNANCE AND ETHICS
CORPORATE GOVERNANCE AND ETHICSCORPORATE GOVERNANCE AND ETHICS
CORPORATE GOVERNANCE AND ETHICS
 
“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”
“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”
“Examining the Role Supply Chain Best Practices Can Play In Disaster Management”
 
“Examining The Role Supply Chain Best Practices Can Play In Disaster Manage...
“Examining The Role  Supply Chain Best Practices  Can Play In Disaster Manage...“Examining The Role  Supply Chain Best Practices  Can Play In Disaster Manage...
“Examining The Role Supply Chain Best Practices Can Play In Disaster Manage...
 
Indo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserIndo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiser
 
Indo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserIndo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiser
 
Indo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiserIndo global education summit 2011 curtain raiser
Indo global education summit 2011 curtain raiser
 
"India's National Disaster Management Authority's (NDMA) initiatives on safet...
"India's National Disaster Management Authority's (NDMA) initiatives on safet..."India's National Disaster Management Authority's (NDMA) initiatives on safet...
"India's National Disaster Management Authority's (NDMA) initiatives on safet...
 
SKK FINANCIAL MANAGEMENT REFORMS IN INDIA
SKK FINANCIAL MANAGEMENT REFORMS IN INDIASKK FINANCIAL MANAGEMENT REFORMS IN INDIA
SKK FINANCIAL MANAGEMENT REFORMS IN INDIA
 
Optimising performance through C3I (coordination, collaboration, communicatio...
Optimising performance through C3I (coordination, collaboration, communicatio...Optimising performance through C3I (coordination, collaboration, communicatio...
Optimising performance through C3I (coordination, collaboration, communicatio...
 
NDMA ROAD AHEAD
NDMA ROAD AHEADNDMA ROAD AHEAD
NDMA ROAD AHEAD
 
MAKING STATE DISASTER MANAGEMENT PLANS:
MAKING STATE DISASTER MANAGEMENT PLANS:MAKING STATE DISASTER MANAGEMENT PLANS:
MAKING STATE DISASTER MANAGEMENT PLANS:
 
The ant story
The ant storyThe ant story
The ant story
 
Eskay Color Test
Eskay Color TestEskay Color Test
Eskay Color Test
 
Skk Conversion Factors Tables
Skk Conversion Factors TablesSkk Conversion Factors Tables
Skk Conversion Factors Tables
 
Eskay Colored Curency
Eskay Colored CurencyEskay Colored Curency
Eskay Colored Curency
 

“Rebuilding Corporate Trust: The Essential Role Of IT Governance

  • 1. 1
  • 2. 2 SUNIL KOHLI Indian Defence Accounts Service Joint Secretary And Financial Adviser National Disaster Management Authority, Ministry Of Home Affairs, India “Rebuilding Corporate Trust: The Essential Role Of IT Governance 11th November 2010
  • 3. 3 Broad Outline: Context • Government, Public Sector Organizations and Corporate are the biggest entities which affect the lives of the citizens and the consumers. • Transparency, Risk and Compliance are the main attributes to ensure Accountability and Corporate Social Responsibility. • Leveraging Technology by these entities will ensure Rebuilding Public Trust in these organizations.
  • 4. 4 Broad Outline: Role of IT • IT can play an important role in Information Management, Risk Management, Better Pricing and Accessibility of Products and Services and bringing about greater Transparency and ensuring performance. • In this environment of recession and slow down of economy and fast rate of Technological Obsolescence companies can drive strategic advantage and overcome competition by proactive deployment of technology.
  • 5. 5 Issues for Discussion • CRISIS OF CORPORATE TRUST • The Essential Role Of IT Governance • Proactive Management of IT Governance to ensure Corporate Trust & profitability. • Integrated Governance, Risk management, and Compliance (GRC) solutions help improve relations with stakeholders and, ultimately, facilitate trust
  • 6. 6 CEOs “cashed out” prior to economic crisis CEOs at major US financial and real estate firms converted tens of millions of dollars of overvalued stock into cash prior to the eruption of the current financial crisis. •Shocking Reality Check •Collapse of Financial Systems •Breed Culture of Macho Management and Self interest •Block Information and Transparency.
  • 7. 7 Crisis Of Corporate Trust • Critical Areas For A More Proactive Approach – Greater transparency about business practices. – Less risk associated with products and services. – Better pricing and accessibility of products and services. – More emphasis on the development of socially and environmentally responsible products and services. • Based on McKinsey Research
  • 8. 8 Building Corporate Trust is Expensive but Makes Business Sense 1. Corporations Need to Rebuild and Strengthen Stakeholder Trust 2. Pervasive Fragmentation Complicates the Pursuit of Stakeholder Trust 3. Beyond a “License to Operate”: Trust Contributes to Competitive Advantage 4. An Integrated Approach to Transparency is Essential
  • 9. 9 1.Corporations Need to Rebuild and Strengthen Stakeholder Trust
  • 10. 10 2. Pervasive Fragmentation Complicates the Pursuit of Stakeholder Trust • Combating the fragmentation 1. Think and act globally. •Geographical, Organizational, and Systems fragmentation complicates the problem 2. Bridge corporate silos. •In the absence of integration, interactions are at best suboptimal 3. Use technology to improve information flows. • Disconnects multiply with the volume and complexity of the information
  • 11. 11 3. Beyond a “License to Operate”: Trust Contributes to Competitive Advantage • Strategic investment in compliance to competitive advantage • Better information management has improved business intelligence and optimized decision making. • The essential ingredient of trust: Transparency—and specifically; Information Liquidity, can have a significant business impact.
  • 12. 12 4. An Integrated Approach to Transparency is Essential • Need to embed the appropriate behaviors into the organization’s culture, processes, and systems. • An integrated GRC strategy becomes in itself a differentiator. • Governance and Compliance ensures Conformance; Risk to mitigate losses.
  • 13. 13 4. An Integrated Approach to Transparency is Essential • Honesty: Access to “true” data. • Accountability: Accountability ensures that commitments are captured and acted upon. Clear lines of responsibility make it harder to pass the buck. • Transparency: The organization can’t be transparent unless it has systems that enable the communication of pertinent information to stakeholders in an accessible format. • Integrated GRC leverages your existing information technology investments; Makes your efforts scalable and Enables new types of collaboration.
  • 14. 14 5. Conclusion • An integrated approach to governance, risk management, and compliance has several benefits: – Lower costs; Better leverage of existing investments; – New scale for information sharing initiatives; – Support for new innovations; and – Unprecedented levels of collaboration and coordination. – Holistic approach that marries business considerations with stakeholder interests is the right “mantra”. • Implement an Executive Cross Functional Governance Structure
  • 15. 15 Distinctive Features Of IT • Trusted Interface • Critical Business Enabler • Competitive and Strategic Differentiator • Reduces Costs by Optimizing Resources • Managing risks associated with data security and regulatory compliance. • Integrate different departments and disparate internal controls systems
  • 16. 16 Distinctive Features Of IT • Ubiquitous Application • Dramatic Rate of Cost Decline • Universal Ownership • Exponential Growth • Flexibility and scalability • Shrinkage of Geographical Distance through Networks. • Revenue Generator • Cost Cutting Engine
  • 17. 17 WHY INFORMATION TECHNOLOGY? • Capable of comprehensive holistic IT Governance approach: Bridge Functional Silos. • Easy to adapt C3I Approach – Coordination; Communication; Collaboration; and Integration – Process of “Mutualism” Collaborative Decision Making and implementation to optimize Performance • Eliminate Ad Hoc Setup and Human Errors. • Overcome DRIP Syndrome • Align IT controls to corporate policies, and corporate policies to regulations.
  • 18. 18 IT GOVERNANCE • Definitions • “Effective IT governance helps ensure that IT supports business goals, optimizes business investment in IT, and appropriately manages IT-related risk and opportunities.” • IT Governance Institute • Framework with Structures, Processes & Policies that governs how a business makes IT Decisions & who within the organization makes them.
  • 19. 19 IT GOVERNANCE APPROACH • A holistic approach to IT governance – That encompasses all dimensions of their IT-related activities. – Spanning all layers of a company’s IT infrastructure – Addresses an organization’s entire compliance, risk and security requirements using the same toolset. • Reduce complexity arising from Globalization and Proliferation of off-shoring and outsourcing arrangements.
  • 20. 20 HOLISTIC APPROACH TO IT GOVERNANCE • Enables companies to dynamically manage and monitor key IT enabled GRC activities such as: – Information Protection and Privacy; – Configuration and Change Management; and – IT GRC management across multiple business units, geographies and IT systems. • The result is IT governance that is sustainable, cost-effective, and better aligned to the strategic and operational demands of the business.
  • 21. 21 GRC • AN INTEGRATED APPROACH TO MANAGING GOVERNANCE, RISK, AND COMPLIANCE • Drive Business Predictability and Stakeholder Confidence
  • 22. 22 VULNERABILITY OF CORPORATE • Businesses face unprecedented numbers of legal, regulatory, and business partner mandates, as well as value chain requirements. • How can you control risk, manage effectively, drive performance, and ultimately inspire greater stakeholder confidence?
  • 23. 23 Why An Integrated Approach To Managing GRC • Adopt an integrated strategy and a comprehensive GRC solution. • To Address all regulatory and business related risks and achieve compliance at a lower cost. • To differentiate itself and achieve greater agility by optimizing your business processes and using risk intelligence for better decision making.
  • 24. 24 GRC Discipline • A Definition of Governance, Risk, and Compliance • Governance manages the strategic directives a company wants to follow. • Risk management assesses the areas of exposure and potential impacts. • Compliance is the tactical action to mitigate risk.
  • 25. 25 THE FOUR DEGREES OF FRAGMENTATION • GRC activities are typically fragmented across four dimensions: • Organization • Systems • Regions • Internal GRC disciplines
  • 28. 28 System Fragmentation • Most businesses lack GRC information integrity because governing principles and policies, risk measurement, and compliance with regulatory mandates are typically supported by departmental IT systems. • Without centralized governance, systems may use different metrics, standards, and methodologies for analyzing risk and compliance information, making the aggregation of data a complex and time-consuming task.
  • 29. 29 System Fragmentation • Local process optimization and point solutions implemented across the enterprise can further isolate information within systems, resulting in a limited view of enterprise risk. • Without an aligned and integrated perspective on governance to guide risk profiling and mitigation, you can’t effectively monitor compliance and risk and adjust business processes to meet changing requirements, market trends, and regulatory mandates.
  • 30. 30 Regional Fragmentation Fragmentation by Geography and Jurisdiction
  • 31. 31 Regional Fragmentation • Policies and risks are generally defined and measured at the local level, without proper consideration for their impact on the global, multinational, national, or regional mandates. • Multitude of jurisdictions can result in tangible (financial) and intangible (brand and reputation) consequences.
  • 32. 32 Internal GRC Discipline Fragmentation Interrelationship Between Governance, Risk, and Compliance Management
  • 33. 33 The High Cost Of A Fragmented Approach • From a pure cost perspective, the status quo is simply too expensive to sustain. • Only with an organizational view of GRC information and a comprehensive solution for managing GRC across the enterprise can you manage with confidence, improve business predictability, and drive higher performance. • A GRC strategy can also be a critical driver of revenue and competitive advantage because you can accurately assess the risk of various business decisions.
  • 34. 34 Leverage GRC as a Proactive Business Optimization Instrument • The real business value comes from leveraging GRC as a proactive management instrument – not just in terms of avoiding the costs of noncompliance, but in terms of driving revenue and competitive advantage. • Ultimately, GRC is about seeing the opportunities associated with a given business change and placing your organization in the best position to capitalize on those opportunities. • This requires moving toward tightly integrated business and IT functions – the key to improving enterprise risk awareness and response capabilities, as well as recognizing opportunities.
  • 35. 35 How GRC Software Can Help • To Address Fragmentation: • Systems Fragmentation: Seamless within a heterogeneous IT landscape, integrating with existing legacy systems and for real-time monitoring of key risk indicators and compliance activities. • Organizational Fragmentation: Standardization • Regional Fragmentation: Scalable and balanced, objective, real-time view of governance (strategy). • Discipline Fragmentation: Providing real-time information to business decision makers.
  • 36. 36 How GRC Software Can Help • The software should also help you plan compliance and governance activities so that they become an extension of risk management, mitigating risks one task at a time. • This integrated approach, which is driven by risk information, also ensures accurate resource allocation so that you do not inadvertently focus compliance efforts on areas that are already strong and overlook hidden areas of weakness.
  • 37. 37 TURNING REGULATORY REQUIREMENTS INTO STRATEGIC ADVANTAGE • With a GRC framework and software solution, organization can benefit from the following: • Increased shareholder value – Good governance is reflected in many intangibles, including brand and reputation, and it translates directly into share price premiums. • Optimized risk-return portfolios – The GRC framework and software solutions provide the transparency and insight business decision makers need to select (and reject) projects based on risk impact and probability relative to potential return.
  • 38. 38 TURNING REGULATORY REQUIREMENTS INTO STRATEGIC ADVANTAGE • Reduced GRC costs – Transitioning to an integrated GRC approach significantly reduces the number of people – and the amount of time required to control and address risk. For compliance in particular, you can trust accurate compliance processes, which are enabled by the GRC software solutions. • Improved business performance and predictability – The GRC framework enables transparency across your enterprise and beyond. It gives management a systematic process for anticipating and controlling risks, and the tools to proactively determine proper actions and critical tasks, reducing unacceptable performance variability.
  • 39. 39 TURNING REGULATORY REQUIREMENTS INTO STRATEGIC ADVANTAGE • Business sustainability – GRC provides a clear path to sustainable compliance and risk management, even as mandates increase and business models and processes become more complex. • Greater Business Agility – GRC leads to greater business agility and promotes competitive differentiation.
  • 40. 40 Last word • IT governance system is no substitute for real leadership. • Processes can’t command the attention that executives give to a trusted peer. • Systems alone don’t forge common vision or inspire action. • Lead IT Governance- Don’t lead by it. • Strong IT leadership needed to bring coherence to the company's fragmented systems. • Executive teams with a strong IT leader make better, faster decisions about technology than do companies that rely solely on a governance system, no matter how effective it is.
  • 42. 42 Optimize IT performance through optimized decision-making Effective IT governance helps organizations cope with—and leverage—change REFERENCE: http://www-01.ibm.com/software/tivoli/governance/action/10022008.html
  • 43. 43 IBM IT Governance Approach Business Performance through IT Execution REFERENCE: http://www.redbooks.ibm.com/redbooks/pdfs/sg247517.pdf
  • 44. 44 44 Trust and Competitive Advantage: An Integrated Approach Dan Tapscott, CEO New Paradigm Learning Corporation REFERENCE: http://www.newparadigm.com
  • 45. 45 45 The emerging role of IT governance Lynn M. Mueller, Senior Consultant, Software Group, IBM, Software Group Andrew Phillipson, IT Specialist, Software Group, IBM, Software Group REFERENCE: http://www.ibm.com/developerworks/rational/library/dec07/mueller_phillipson/index.html#N10293
  • 46. 46 46 Rebuilding Corporate Trust: The emerging Role of IT Governance REFERENCE: Oracle GRC White paper http://www.oracle.com March 2008
  • 47. 47 SUNIL KOHLI Indian Defence Accounts Service Joint Secretary And Financial Adviser National Disaster Management Authority (NDMA), and National Disaster Response Force(NDRF), Government of India, Ministry of Home Affairs, India # A-1, Safdar Jung Enclave, Opposite AIIMS Trauma Centre, New Delhi 110 029 Tel: +91 11 26701709 Office +91 11 26180503 Direct +91 11 26701715 Fax, +91 11 26133298 Residence +91 9868151472 Mobile E Mail: kohlisk@gmail.com kohlifandma@gmail.com skkohli@ndma.gov.in Website: www.ndma.gov.in FACEBOOK: http://www.facebook.com/sunilkumarkohli
  • 48. 48