SlideShare una empresa de Scribd logo

Model Information Office

Mahesh Patwardhan
Mahesh Patwardhan

A Model Information Office - Compliance, Control, Processes and Systems

TecnologíaEmpresariales
1 de 10
Descargar para leer sin conexión
Compliance & Control, Systems & Partner Relationship Management Mahesh Patwardhan maheshpatwardhan@rediffmail.com
Information Office Office of Technology Compliance Systems Partner and Control Relations Partner Change Policy Ops and Contract Information Access Build and Relationship Managemen Managemen Maintenanc Managemen Security Control Deploy Managemen t t e t t
Compliance and Control: Information Security  Information Security Office  Chief Information Security Officer  Implement the Information Security Policy  Implement the Access Control Policy  Implement the Backup/Restoration Policy  Conduct Information Security Office Meetings  All meetings to be recorded (MOM)  Conduct Reviews  Security, Access Control, AUP, B&R, DR Policy  Record all Policy Reviews (MOM)  Policies to be updated and approved  Updates to policies to be logged
Compliance and Control: Information Security  Communication:  Information Security Policy and Access Control Policy updates to all employees periodically.  HR Training calendar for Security and Appropriate Usage sessions.  Conduct Security Awareness and Appropriate Sessions for new joinees.  Monitoring  Review of System Exception Logs, Unauthorized Logins, Authorized Users lists  All Reviews to be logged and the review reports with findings signed off on.  Action taken report to be reviewed and signed off-on.
Compliance and Control: Information Security  Define  Data Backup/Restoration Process  Recovery Testing Process  Data securing process (tape-to-bank)  Review  Data Backup/Restoration Process  Recovery Testing Process  Data securing process (tape-to-bank)  Backup/Restoration/Recovery Testing Log Sheet  Monthly Tape-To-Bank Log Sheet  All reviews to be recorded (MOM)
Access Control Creation/Deletion of User IDs /privilege grants process Request for user id Request for user id Authorized creation / deletion creation / deletion Request (email authorized by and hardcopy) raised by business business unit Head approved by unit mgr. Head - IO Request from HR for domain/email ID Hardcopy of Authorized Confirmation Request sent for granting Filed by Mgr – IS & App and Server requested Request for temporary Access Auth Matrix Privileges/access unprivileged access Updated To server raised by user Email/Domain Application User Request for privileged Login Login Access on server raised Request Created/Removed Created/Removed By NOC/Engineering Authorized By Manager - IT by Manager: IS team By CTO
Access Control Authorizations Filing Authorization Filing Manager Process & Control Email / Domain Privileged Access Application Users Temporary Access Users Users Authorizations Authorizations Authorizations Authorizations Signed Signed Signed Signed Authorization Authorization Authorization Authorization Form Form Form Form User Creation / User Creation / Removal Removal Log Log Application Email / Domain Authorization Users List Matrix
Office of Compliance and Control: Change Management  Periodic Review of  Change Management Process.  Change Requests submitted.  Change Request Approvals  Pending deployments  Review Meetings minutes to be recorded and the findings of the review documented  Review Report with recommendations for re-mediation submitted, report approved.  Approved recommendations carried out.  Review of re-mediation carried out, approved and signed-off on.
Office of Compliance and Control: Policy Management  Information Steering Committee (ISC)  Policy Reviews and Updates  Schedule for ISC and Policy Reviews  Conduct Reviews, report submission.  Report Approvals, Policy updated and approved.
Information Office Hierarchy Head – Information Office Chief Information Security Information Director Officer Office Information Systems Sr. Mgr Office of Sr. Mgr Sr. Mgr Technology Compliance & Info. Systems Vendor Partner Control Compliance Relations Systems Relations & (Engineering Control Office) Information Partner Access Change Policy Build and Ops & Contract Security Relationship Control Control Management Deploy Maintenance Management Management

Recomendados

Overview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineOverview of Identity and Access Management Product Line
Overview of Identity and Access Management Product Line
Novell
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access Manager
IBM Sverige
 
Co p
Co pCo p
Co p
Allyn McGillicuddy
 
Co p
Co pCo p
Co p
Allyn McGillicuddy
 
European Business Rules Conference 2005 : Rule Standards
European Business Rules Conference 2005 : Rule StandardsEuropean Business Rules Conference 2005 : Rule Standards
European Business Rules Conference 2005 : Rule Standards
Dan Selman
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement Management
Noam Bunder
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1
OracleIDM
 
InfosysPublicServices - MHP Collaboration | Integration & Collaboration Solution
InfosysPublicServices - MHP Collaboration | Integration & Collaboration SolutionInfosysPublicServices - MHP Collaboration | Integration & Collaboration Solution
InfosysPublicServices - MHP Collaboration | Integration & Collaboration Solution
Infosys
 

Recomendados

Overview of Identity and Access Management Product Line
Overview of Identity and Access Management Product LineOverview of Identity and Access Management Product Line
Overview of Identity and Access Management Product Line
Novell
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access Manager
IBM Sverige
 
Co p
Co pCo p
Co p
Allyn McGillicuddy
 
Co p
Co pCo p
Co p
Allyn McGillicuddy
 
European Business Rules Conference 2005 : Rule Standards
European Business Rules Conference 2005 : Rule StandardsEuropean Business Rules Conference 2005 : Rule Standards
European Business Rules Conference 2005 : Rule Standards
Dan Selman
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement Management
Noam Bunder
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1
OracleIDM
 
InfosysPublicServices - MHP Collaboration | Integration & Collaboration Solution
InfosysPublicServices - MHP Collaboration | Integration & Collaboration SolutionInfosysPublicServices - MHP Collaboration | Integration & Collaboration Solution
InfosysPublicServices - MHP Collaboration | Integration & Collaboration Solution
Infosys
 
CrossIdeas Roadshow IAM Governance IBM Marco Venuti
CrossIdeas Roadshow IAM Governance IBM Marco VenutiCrossIdeas Roadshow IAM Governance IBM Marco Venuti
CrossIdeas Roadshow IAM Governance IBM Marco Venuti
IBM Sverige
 
Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simply
Lilian Schaffer
 
Touchcom Sales Presentation
Touchcom Sales PresentationTouchcom Sales Presentation
Touchcom Sales Presentation
ewickline
 
Tcg Veriam Slm Intro Deck
Tcg Veriam Slm Intro DeckTcg Veriam Slm Intro Deck
Tcg Veriam Slm Intro Deck
Kamila_W
 
Final cms id mu1 b-5 3 senior leader summary-6-26-12_
Final cms id mu1 b-5 3 senior leader summary-6-26-12_Final cms id mu1 b-5 3 senior leader summary-6-26-12_
Final cms id mu1 b-5 3 senior leader summary-6-26-12_
Master Chief Petty Officer of the Navy
 
Detailed Total Enrollment
Detailed Total EnrollmentDetailed Total Enrollment
Detailed Total Enrollment
treyreeves1953
 
Enhancing Novell SecureLogin with Multi-factor Authentication
Enhancing Novell SecureLogin with Multi-factor AuthenticationEnhancing Novell SecureLogin with Multi-factor Authentication
Enhancing Novell SecureLogin with Multi-factor Authentication
Novell
 
Technology Enhanced RCM
Technology Enhanced RCMTechnology Enhanced RCM
Technology Enhanced RCM
MaggieLewis
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
OracleIDM
 
Healthcare overview
Healthcare overviewHealthcare overview
Healthcare overview
Zensar Technologies Ltd.
 
Embracing the Convergence of IT Service & Asset Management
Embracing the Convergence of IT Service & Asset ManagementEmbracing the Convergence of IT Service & Asset Management
Embracing the Convergence of IT Service & Asset Management
BMC Software
 
Barclay rae itsmf itsm12 presentation nov 2012
Barclay rae itsmf itsm12 presentation nov 2012Barclay rae itsmf itsm12 presentation nov 2012
Barclay rae itsmf itsm12 presentation nov 2012
Barclay Rae
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
OracleIDM
 
Software Asset Management
Software Asset ManagementSoftware Asset Management
Software Asset Management
sleterrier
 
Iraje brochure v17 master
Iraje brochure v17 masterIraje brochure v17 master
Iraje brochure v17 master
Mechsoft Technologies LLC
 
Cloud computing for signature management
Cloud computing for signature managementCloud computing for signature management
Cloud computing for signature management
isigma, firma electrónica
 
Printing & copying
Printing & copyingPrinting & copying
Printing & copying
Naomi Elliott
 
IBOR Middle Office Information Delivery
IBOR Middle Office Information DeliveryIBOR Middle Office Information Delivery
IBOR Middle Office Information Delivery
Burak S. Arikan
 
Ka Ni Kanichihk IOAA Program Information Session
Ka Ni Kanichihk IOAA Program Information SessionKa Ni Kanichihk IOAA Program Information Session
Ka Ni Kanichihk IOAA Program Information Session
Ka Ni Kanichihk Inc
 
Lecture1 (is342) (office automationsystems)
Lecture1 (is342) (office automationsystems)Lecture1 (is342) (office automationsystems)
Lecture1 (is342) (office automationsystems)
Taibah University, College of Computer Science & Engineering
 
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
Amazon Web Services
 
Office Automation System
Office Automation SystemOffice Automation System
Office Automation System
university of education,Lahore
 

Más contenido relacionado

La actualidad más candente

Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simply
Lilian Schaffer
 
Touchcom Sales Presentation
Touchcom Sales PresentationTouchcom Sales Presentation
Touchcom Sales Presentation
ewickline
 
Enhancing Novell SecureLogin with Multi-factor Authentication
Enhancing Novell SecureLogin with Multi-factor AuthenticationEnhancing Novell SecureLogin with Multi-factor Authentication
Enhancing Novell SecureLogin with Multi-factor Authentication
Novell
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
OracleIDM
 
Barclay rae itsmf itsm12 presentation nov 2012
Barclay rae itsmf itsm12 presentation nov 2012Barclay rae itsmf itsm12 presentation nov 2012
Barclay rae itsmf itsm12 presentation nov 2012
Barclay Rae
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
OracleIDM
 

La actualidad más candente (15)

CrossIdeas Roadshow IAM Governance IBM Marco Venuti
CrossIdeas Roadshow IAM Governance IBM Marco VenutiCrossIdeas Roadshow IAM Governance IBM Marco Venuti
CrossIdeas Roadshow IAM Governance IBM Marco Venuti
 
Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simply
 
Touchcom Sales Presentation
Touchcom Sales PresentationTouchcom Sales Presentation
Touchcom Sales Presentation
 
Tcg Veriam Slm Intro Deck
Tcg Veriam Slm Intro DeckTcg Veriam Slm Intro Deck
Tcg Veriam Slm Intro Deck
 
Final cms id mu1 b-5 3 senior leader summary-6-26-12_
Final cms id mu1 b-5 3 senior leader summary-6-26-12_Final cms id mu1 b-5 3 senior leader summary-6-26-12_
Final cms id mu1 b-5 3 senior leader summary-6-26-12_
 
Detailed Total Enrollment
Detailed Total EnrollmentDetailed Total Enrollment
Detailed Total Enrollment
 
Enhancing Novell SecureLogin with Multi-factor Authentication
Enhancing Novell SecureLogin with Multi-factor AuthenticationEnhancing Novell SecureLogin with Multi-factor Authentication
Enhancing Novell SecureLogin with Multi-factor Authentication
 
Technology Enhanced RCM
Technology Enhanced RCMTechnology Enhanced RCM
Technology Enhanced RCM
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
 
Healthcare overview
Healthcare overviewHealthcare overview
Healthcare overview
 
Embracing the Convergence of IT Service & Asset Management
Embracing the Convergence of IT Service & Asset ManagementEmbracing the Convergence of IT Service & Asset Management
Embracing the Convergence of IT Service & Asset Management
 
Barclay rae itsmf itsm12 presentation nov 2012
Barclay rae itsmf itsm12 presentation nov 2012Barclay rae itsmf itsm12 presentation nov 2012
Barclay rae itsmf itsm12 presentation nov 2012
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
 
Software Asset Management
Software Asset ManagementSoftware Asset Management
Software Asset Management
 
Iraje brochure v17 master
Iraje brochure v17 masterIraje brochure v17 master
Iraje brochure v17 master
 

Destacado

Destacado (9)

Cloud computing for signature management
Cloud computing for signature managementCloud computing for signature management
Cloud computing for signature management
 
Printing & copying
Printing & copyingPrinting & copying
Printing & copying
 
IBOR Middle Office Information Delivery
IBOR Middle Office Information DeliveryIBOR Middle Office Information Delivery
IBOR Middle Office Information Delivery
 
Ka Ni Kanichihk IOAA Program Information Session
Ka Ni Kanichihk IOAA Program Information SessionKa Ni Kanichihk IOAA Program Information Session
Ka Ni Kanichihk IOAA Program Information Session
 
Lecture1 (is342) (office automationsystems)
Lecture1 (is342) (office automationsystems)Lecture1 (is342) (office automationsystems)
Lecture1 (is342) (office automationsystems)
 
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...
 
Office Automation System
Office Automation SystemOffice Automation System
Office Automation System
 
Office automation sysmtems
Office automation sysmtemsOffice automation sysmtems
Office automation sysmtems
 
Office automation system
Office automation systemOffice automation system
Office automation system
 

Similar a Model Information Office

5.5 incorporating security in it solutions (mauritius)
5.5 incorporating security in it solutions (mauritius)5.5 incorporating security in it solutions (mauritius)
5.5 incorporating security in it solutions (mauritius)
Corporate Registers Forum
 
20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx
Anand Dhouni
 
What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0
Novell
 
Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)
Microsoft Norge AS
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
ruiruitang
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
ruiruitang
 
What's New in Maximo 7 Workshop Alex Estevam Sep 2012
What's New in Maximo 7 Workshop Alex Estevam Sep 2012What's New in Maximo 7 Workshop Alex Estevam Sep 2012
What's New in Maximo 7 Workshop Alex Estevam Sep 2012
alipaiva
 

Similar a Model Information Office (20)

AM Side details
AM Side detailsAM Side details
AM Side details
 
The Information Office
The Information OfficeThe Information Office
The Information Office
 
Workflow Manager for Software License Optimization
Workflow Manager for Software License OptimizationWorkflow Manager for Software License Optimization
Workflow Manager for Software License Optimization
 
5.5 incorporating security in it solutions (mauritius)
5.5 incorporating security in it solutions (mauritius)5.5 incorporating security in it solutions (mauritius)
5.5 incorporating security in it solutions (mauritius)
 
Intro to Identity Management
Intro to Identity ManagementIntro to Identity Management
Intro to Identity Management
 
20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx20170912_Identity_and_Access_Management.pptx
20170912_Identity_and_Access_Management.pptx
 
IDM in telecom industry
IDM in telecom industryIDM in telecom industry
IDM in telecom industry
 
What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0
 
Keeping it Simple with Permission Sets
Keeping it Simple with Permission SetsKeeping it Simple with Permission Sets
Keeping it Simple with Permission Sets
 
Day5 R3 Basis Security
Day5 R3 Basis SecurityDay5 R3 Basis Security
Day5 R3 Basis Security
 
Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)Forefront Identity Manager 2010 (Av Rune Lystad)
Forefront Identity Manager 2010 (Av Rune Lystad)
 
User Manager
User ManagerUser Manager
User Manager
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 
Real User Experience Insight
Real User Experience InsightReal User Experience Insight
Real User Experience Insight
 
What's New in Maximo 7 Workshop Alex Estevam Sep 2012
What's New in Maximo 7 Workshop Alex Estevam Sep 2012What's New in Maximo 7 Workshop Alex Estevam Sep 2012
What's New in Maximo 7 Workshop Alex Estevam Sep 2012
 
Creating Intelligent Enterprises with Unified Aftermarket Services by Tavant ...
Creating Intelligent Enterprises with Unified Aftermarket Services by Tavant ...Creating Intelligent Enterprises with Unified Aftermarket Services by Tavant ...
Creating Intelligent Enterprises with Unified Aftermarket Services by Tavant ...
 
TechEd 2012 NA - MGT332 - fighting fire to the cloud!
TechEd 2012 NA - MGT332 - fighting fire to the cloud!TechEd 2012 NA - MGT332 - fighting fire to the cloud!
TechEd 2012 NA - MGT332 - fighting fire to the cloud!
 
Dreamforce'12 - Automate Business Processes with Force.com
Dreamforce'12 - Automate Business Processes with Force.comDreamforce'12 - Automate Business Processes with Force.com
Dreamforce'12 - Automate Business Processes with Force.com
 
Transforming IT - ITaaS Onboarding
Transforming IT - ITaaS OnboardingTransforming IT - ITaaS Onboarding
Transforming IT - ITaaS Onboarding
 

Más de Mahesh Patwardhan

Social Media in Sports - some Case Studies
Social Media in Sports - some Case StudiesSocial Media in Sports - some Case Studies
Social Media in Sports - some Case Studies
Mahesh Patwardhan
 

Más de Mahesh Patwardhan (15)

IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOX
 
Digital Landscape
Digital LandscapeDigital Landscape
Digital Landscape
 
Social Media Publishing & Aggregation
Social Media Publishing & AggregationSocial Media Publishing & Aggregation
Social Media Publishing & Aggregation
 
Social Media Metrics
Social Media MetricsSocial Media Metrics
Social Media Metrics
 
Social Media For A Sporting Event
Social Media For A Sporting EventSocial Media For A Sporting Event
Social Media For A Sporting Event
 
A Real Time Web Analytics System
A Real Time Web Analytics SystemA Real Time Web Analytics System
A Real Time Web Analytics System
 
Revenue Reconciliation System
Revenue Reconciliation SystemRevenue Reconciliation System
Revenue Reconciliation System
 
Business Analytics System
Business Analytics SystemBusiness Analytics System
Business Analytics System
 
Concept for a Facebook App for a Mexican Restaurant
Concept for a Facebook App for a Mexican RestaurantConcept for a Facebook App for a Mexican Restaurant
Concept for a Facebook App for a Mexican Restaurant
 
A concept for a facebook app
A concept for a facebook appA concept for a facebook app
A concept for a facebook app
 
Digital And New Media Strategy using Web 2.0
Digital And New Media Strategy using Web 2.0Digital And New Media Strategy using Web 2.0
Digital And New Media Strategy using Web 2.0
 
Digital And New Media Consultancy Services
Digital And New Media Consultancy ServicesDigital And New Media Consultancy Services
Digital And New Media Consultancy Services
 
Lets Build A Story
Lets Build A StoryLets Build A Story
Lets Build A Story
 
Social Media in Sports - some Case Studies
Social Media in Sports - some Case StudiesSocial Media in Sports - some Case Studies
Social Media in Sports - some Case Studies
 
Social Media - some case studies
Social Media - some case studiesSocial Media - some case studies
Social Media - some case studies
 

Último

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 

Último (20)

Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 

Model Information Office

  • 1. Compliance & Control, Systems & Partner Relationship Management Mahesh Patwardhan maheshpatwardhan@rediffmail.com
  • 2. Information Office Office of Technology Compliance Systems Partner and Control Relations Partner Change Policy Ops and Contract Information Access Build and Relationship Managemen Managemen Maintenanc Managemen Security Control Deploy Managemen t t e t t
  • 3. Compliance and Control: Information Security  Information Security Office  Chief Information Security Officer  Implement the Information Security Policy  Implement the Access Control Policy  Implement the Backup/Restoration Policy  Conduct Information Security Office Meetings  All meetings to be recorded (MOM)  Conduct Reviews  Security, Access Control, AUP, B&R, DR Policy  Record all Policy Reviews (MOM)  Policies to be updated and approved  Updates to policies to be logged
  • 4. Compliance and Control: Information Security  Communication:  Information Security Policy and Access Control Policy updates to all employees periodically.  HR Training calendar for Security and Appropriate Usage sessions.  Conduct Security Awareness and Appropriate Sessions for new joinees.  Monitoring  Review of System Exception Logs, Unauthorized Logins, Authorized Users lists  All Reviews to be logged and the review reports with findings signed off on.  Action taken report to be reviewed and signed off-on.
  • 5. Compliance and Control: Information Security  Define  Data Backup/Restoration Process  Recovery Testing Process  Data securing process (tape-to-bank)  Review  Data Backup/Restoration Process  Recovery Testing Process  Data securing process (tape-to-bank)  Backup/Restoration/Recovery Testing Log Sheet  Monthly Tape-To-Bank Log Sheet  All reviews to be recorded (MOM)
  • 6. Access Control Creation/Deletion of User IDs /privilege grants process Request for user id Request for user id Authorized creation / deletion creation / deletion Request (email authorized by and hardcopy) raised by business business unit Head approved by unit mgr. Head - IO Request from HR for domain/email ID Hardcopy of Authorized Confirmation Request sent for granting Filed by Mgr – IS & App and Server requested Request for temporary Access Auth Matrix Privileges/access unprivileged access Updated To server raised by user Email/Domain Application User Request for privileged Login Login Access on server raised Request Created/Removed Created/Removed By NOC/Engineering Authorized By Manager - IT by Manager: IS team By CTO
  • 7. Access Control Authorizations Filing Authorization Filing Manager Process & Control Email / Domain Privileged Access Application Users Temporary Access Users Users Authorizations Authorizations Authorizations Authorizations Signed Signed Signed Signed Authorization Authorization Authorization Authorization Form Form Form Form User Creation / User Creation / Removal Removal Log Log Application Email / Domain Authorization Users List Matrix
  • 8. Office of Compliance and Control: Change Management  Periodic Review of  Change Management Process.  Change Requests submitted.  Change Request Approvals  Pending deployments  Review Meetings minutes to be recorded and the findings of the review documented  Review Report with recommendations for re-mediation submitted, report approved.  Approved recommendations carried out.  Review of re-mediation carried out, approved and signed-off on.
  • 9. Office of Compliance and Control: Policy Management  Information Steering Committee (ISC)  Policy Reviews and Updates  Schedule for ISC and Policy Reviews  Conduct Reviews, report submission.  Report Approvals, Policy updated and approved.
  • 10. Information Office Hierarchy Head – Information Office Chief Information Security Information Director Officer Office Information Systems Sr. Mgr Office of Sr. Mgr Sr. Mgr Technology Compliance & Info. Systems Vendor Partner Control Compliance Relations Systems Relations & (Engineering Control Office) Information Partner Access Change Policy Build and Ops & Contract Security Relationship Control Control Management Deploy Maintenance Management Management