GRCPS All Governance - Risk , Compliance, Management, Security

Security

David Wheeler — Sat, 14 Jun 2014 04:59:57 +0000

The GRC Professional seminar will teach you how to efficiently design and enhance GRC activities within your business based on established GRC standards. This program also will prepare you to enhance your credentials by taking the GRC Professional certification exam, offered by OCEG’s affiliate organization.

The post Security appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Project Management

David Wheeler — Sat, 14 Jun 2014 04:59:38 +0000

The post Project Management appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Risk

David Wheeler — Sat, 14 Jun 2014 04:59:18 +0000

The post Risk appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Governance

David Wheeler — Sat, 14 Jun 2014 04:59:02 +0000

The post Governance appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

GRC

David Wheeler — Sat, 14 Jun 2014 04:58:39 +0000

The post GRC appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Blog Item

David Wheeler — Sat, 14 Jun 2014 02:22:02 +0000

2014 GRC Drivers, Trends & Directions Written by Michael Rasmussen I trust your governance, risk management, and compliance (GRC) initiatives are fruitful. It is important to note that every organization does GRC. Every organization has some approach to governance, risk management, and compliance processes. These may be siloed or integrated, centralized or federated. They may be fly by the seat of your pants or defined and disciplined. GRC is not just technology; it is about people, strategy, process, information and technology. GRC maturity is measured by how this is integrated, aligned with the business, and provides business value. GRC is not only about a strategy that spans the enterprise – GRC happens in different departments and functions throughout the business. There are top down enterprise-wide GRC initiatives, but a lot of GRC happens in the trenches throughout the organization in disconnected departments. It is good to be forward looking to see what the future beholds us in GRC. As a market research analyst I dust off my palantir (that is a crystal ball for the non-Tolkien enthusiasts) and tell you what is important for 2014 as we look ahead. The future depends on the past and the events that drive […]

The post Blog Item appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Federal Courts

David Wheeler — Sat, 14 Jun 2014 01:53:23 +0000

Introduction The Federal Courts ICT division were seeking to implement a robust framework to deliver greater efficiency and effectiveness for the services being provided to the internal customers. The aim was to identify what processes and toolsets could be utilised to assist in developing the maturity for their IT Service Management environment. The Challenge The Federal Court ICT division did not want to implement a framework that was complex and costly with the need for large numbers of additional resources. The intention was to identify where more effective processes could be utilised to improve efficiency and be an enabler for the team members in undertaking their tasks in delivery quality services (aligned with business objectives and outcomes). The Solution A comprehensive maturity assessment was undertaken to identify the maturity level of processes, tools and technology across the ICT environment and a report was presented to the executive. The report identified where the delivery of services was in good shape and where improvements could be made. An ITSM program was installed to provide focus and understanding of the intention of the project to improve service delivery where it was identified gaps were found. It was identified that ITIL was to be […]

The post Federal Courts appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Great Lakes Council

David Wheeler — Sat, 14 Jun 2014 01:52:50 +0000

Introduction Great Lakes Council was seeking the development of an ICT Strategic Plan. Council requested that this project be given a priority and therefore is seeking to commence the development an Information Communication Technology (ICT) Strategic Plan to meet the needs of the organisation. The plan should support Council elements of the Integrated Planning and Reporting Framework (IP&R Framework) including: Great Lakes 2030 Community Strategic Plan & Resourcing Strategies (10 Year) Delivery Program (4 Year) Operational Program (1 Year) NSW Government ICT Strategy 2012 Results of Service Delivery Review The Challenge The scope included the whole of Council in respect of: Identify Strategic Objectives that rely on ICT Demands of ICT services and systems Capabilities of ICT services and systems Address any ICT issues Emerging ICT trends and how these could assist council business Internal Customers, Management, key stakeholders and end users These items were to be collated and brought together as a holistic plan to improve and revitalise Council ICT across all divisions. The Solution The following activities were undertaken to obtain extensive feedback and insight with regard to requirements and capability in developing the ICT Strategy. Interviewed Council Divisions Input from Community Survey Considered all inputs – Council […]

The post Great Lakes Council appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Lifeline – IT Strategic Plan

David Wheeler — Sat, 14 Jun 2014 01:52:06 +0000

Introduction Lifeline also provides national services and campaigns that promote emotional wellbeing, encourage help seeking, and address suicide prevention and awareness. Lifeline is a not-for-profit organisation and relies on community support. The Information Technology Strategic Plan recognises the critical role of IT services in supporting Lifeline’s business objectives and the provision of services to all stakeholders. A primary goal of this plan was to develop an IT environment that will deliver quality and efficient services, in a risk controlled manner using recognised governance and security frameworks. The Information Technology Strategic Plan is intended to chart a course for IT over the next three years and will be modified as needed to reflect environmental changes. The Challenge To define an environment that will be supported by a ‘Service Delivery’ framework aligned to ITIL best practice principles and delivered by a robust and well managed project management methodology. The Lifeline IT Technology Strategy Plan is intended to be a forward looking proactive plan of action to achieve stated outcomes that will enable the Lifeline IT department to deliver services in an effective and efficient manner. The document must be written in a straightforward and easy-to-understand manner with the intention that all Lifeline […]

The post Lifeline – IT Strategic Plan appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.

Port Hedland Port Authority

David Wheeler — Sat, 14 Jun 2014 01:51:29 +0000

Introduction Port Hedland Port Authority was seeking to implement a robust Information Security Management System (ISMS) to complement their other Management frameworks. In the first instance PHPA needed to arrange management support for implementing an appropriate ISMS using the ISO27001 Standard, with the intent to move towards obtaining Certification in this standard. Management intent was outlined in subsequent minutes of the Steering Committee to clearly identify that this is in agreement with the direction and objectives of management. The minutes included sign-off on the understanding to engage suitable resources and to ensure that all support is provided to undertake this activity. The meeting minutes and any associated documents, materials or otherwise went into the records repository that was will set up to manage the documentation / records for the ISMS. (If you have such a repository for Quality or other management system then you could use that as well). The Challenge The challenge was to implement an appropriate ISMS which was not burdensome or complicated beyond what was necessary for the business to demonstrate compliance and suitably manage security objectives. The ISO27001 is reliant upon an organisation having a good understanding of their assets and then applying an effective risk […]

The post Port Hedland Port Authority appeared first on GRCPS All Governance - Risk , Compliance, Management, Security.