www.surecloud.com
© 2016 SureCloud Limited.
All rights reserved.
Risk Manager for IRAM2
Thursday 17th November 2016
Presented by:
Nick Rafferty, Chief Operating Officer
Oliver Vistisen, Head of Products
Agenda
• Introduction to SureCloud
• What is IRAM2?
• IRAM2 on the SureCloud Platform
• Demonstration
• Further Opportunities
• Questions & Answers
How SureCloud maximised its involvement with the ISF’s
IRAM2 programme and how you can do the same.
Introduction to SureCloud
What is the SureCloud Platform?
[Diagram: components of the SureCloud Platform]
• Registers (example shown: Register: Suppliers, Date: May16, Unit: EMEA, listing Supplier 1 to Supplier 5)
• Workflows: Create & Notify, Assess, Review, Sign-off
• Assessments: 3rd Party Risk, Risk Assessment, Compliance Gap Anal., Audit, CSR, Incident Response, BIA
• Groups: Global, Region, City 1, City 2, City 3
• Reports, Dashboards & Charts
• API: Excel, Power BI
SureCloud GRC Applications
What is IRAM2?
IRAM2 Assessment Tool
IRAM2 on the SureCloud Platform
What has SureCloud done?
• Multiple staff members attended ISF practitioner training
• Worked with key ISF community members to ensure we can support wider practitioner
requirements
• Conducted multiple in-house risk assessments to understand the methodology in detail
• Proactively suggested ways to streamline the process through technology
What does the SureCloud Platform provide?
• Re-use of common stages through centralisation of content
• Workflow to automate aspects of the process
• Notifications and offline assessments
• Multi-assessment management and status tracking
• Aggregation across assessments and business focused reporting
• Links to other GRC applications such as Compliance Manager for BAU activities
IRAM2 Assessment Tool
What is SureCloud delivering?
Demonstration
Further Opportunities
IRAM2: Triage Approach
• A full IRAM2 assessment may not be necessary for all levels of criticality
• Each organisation's BIA can drive informed decision-making:
Major or Critical BI Rating – undertake the full IRAM2 methodology
Medium BI Rating – apply Prioritised Controls
Minor BI Rating – No need to proceed
• Predefined Threat & Threat Events assessments and Control Effectiveness assessments
• The ISF is currently working to define what a triage approach might look like
Tying it all together
[Diagram: SureCloud GRC applications and the items they cover]
• Applications shown: Compliance Manager, Risk Manager, Incident Manager, Business Continuity Manager, Policy Manager, Audit Manager, Assessment Manager
• Other labels on the diagram: Policies, ISO, COSO, PCI, OHSAS, Standards, Requirements, Operational Controls, Control Library, Processes, Objectives, Actions List, Risk Assessments, Risk Library, Risk Appetite & Tolerance, Metrics, Champions, Owners, Categories, Department, Incidents, Affected Assets, Failed Controls, Loss Estimation, Action Plan, Audits, Audit Universe, Audit Plan, Tests, Findings, Systems & Components, Assets, Business Impact Assessments, Products & Services, Emergency Response & DR Plans, Training, Reference Lists, GRC, Third Party Register, Key Contacts, Relationship Owner, Assessments
Questions & Answers
About SureCloud
• SureCloud is a provider of GRC Applications and Cybersecurity Services. Our Cloud Platform has helped 100s of blue chip businesses and 1,000s of users to improve productivity and efficiency by replacing and automating spreadsheet-based risk and compliance processes.
• In addition, our cybersecurity testing and assurance services team helps organisations secure their information assets, systems and networks, as well as providing a holistic view of cyber risk using the SureCloud Platform.

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 

[Risk] Risk Manager for IRAM2 Application

  • 1. www.surecloud.com © 2016 SureCloud Limited. All rights reserved. Risk Manager for IRAM2 Thursday 17th November 2016 Presented by: Nick Rafferty, Chief Operating Officer Oliver Vistisen, Head of Products
  • 2. Agenda
      • Introduction to SureCloud
      • What is IRAM2?
      • IRAM2 on the SureCloud Platform
      • Demonstration
      • Further Opportunities
      • Questions & Answers
  • 3. How SureCloud maximised its involvement with the ISF’s IRAM2 programme and how you can do the same. Introduction to SureCloud
  • 4. What is the SureCloud Platform? [Diagram: Registers (example: a Suppliers register, Date: May16, Unit: EMEA, Supplier 1 to Supplier 5); Workflows (Create & Notify, Assess, Review, Sign-off); Assessments (3rd Party Risk, Risk Assessment, Compliance Gap Anal., Audit, CSR, Incident Response, BIA); Groups (Global, Region, City 1 to City 3); Reports; Dashboards & Charts; API: Excel, Power BI]
  • 7. SureCloud GRC Applications
  • 8. What is IRAM2?
  • 9. What is IRAM2?
  • 10. What is IRAM2?
  • 11. What is IRAM2?
  • 12. What is IRAM2?
  • 13. IRAM2 Assessment Tool
  • 14. IRAM2 on the SureCloud Platform
  • 15. What has SureCloud done?
      • Multiple staff members attended ISF practitioner training
      • Worked with key ISF community members to ensure we can support wider practitioner requirements
      • Conducted multiple in-house risk assessments to understand the methodology in detail
      • Proactively suggested ways to streamline the process through technology
  • 16. What does the SureCloud Platform provide?
      • Re-use of common stages through centralisation of content
      • Workflow to automate aspects of the process
      • Notifications and offline assessments
      • Multi-assessment management and status tracking
      • Aggregation across assessments and business focused reporting
      • Links to other GRC applications such as Compliance Manager for BAU activities
  • 17. IRAM2 Assessment Tool
  • 18. What is SureCloud delivering?
  • 19. Demonstration
  • 20. Further Opportunities
  • 21. IRAM2: Triage Approach
      • A full IRAM2 assessment may not be necessary for all levels of criticality
      • Each organisation's BIA can drive informed decision-making:
          • Major or Critical BI Rating – undertake the full IRAM2 methodology
          • Medium BI Rating – apply Prioritised Controls
          • Minor BI Rating – No need to proceed
      • Predefined Threat & Threat Events assessments and Control Effectiveness assessments
      • The ISF is currently working to define what a triage approach might look like
  • 22. Tying it all together [Diagram: the SureCloud GRC applications (Compliance Manager, Incident Manager, Business Continuity Manager, Policy Manager, Audit Manager, Assessment Manager, Risk Manager) and the registers and records that link them, including Policies, Standards, Control Library, Risk Library, Risk Assessments, Business Impact Assessments, Assets, Incidents, Audits, Findings and the Third Party Register]
  • 23. Questions & Answers
  • 24. Questions & Answers. About SureCloud
      • SureCloud is a provider of GRC Applications and Cybersecurity Services. Our Cloud Platform has helped 100s of blue chip businesses and 1,000s of users to improve productivity and efficiency by replacing and automating spreadsheet-based risk and compliance processes
      • In addition, our cybersecurity testing and assurance services team help organisations secure their information assets, systems and networks as well as providing a holistic view of cyber risk using the SureCloud Platform.