Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managing Compliance Early: System Development

Published byΝικόστρατος Γερμανός Modified over 5 years ago

Similar presentations

Presentation on theme: "Managing Compliance Early: System Development"— Presentation transcript:

1 Managing Compliance Early: System Development
Randy Moeller Records & Information Governance P&G

2 iRisk Application What does it do Who is involved Review process
Records & Information Governance review Links to other processes Challenges (nothing’s perfect)

3 What Does it Do Review of IT initiatives by 15 compliance groups
.net application, .sql database Complete 14 questions; results in a score by each group States a consult or self-assess Documents compliance via forms and/or notes

4 Who is Involved 15 Compliance Groups Represented
Business & IT Continuity Employee Relations Enterprise Architecture Global Security Health, Safety & Environment Information Security Labor Relations Legal – Digital Privacy & Commerce Legal – Intellectual Property Payment Card Industry Privacy Records & Information Governance Regulatory Computer Validation Third Party Risk Assessment Vendor Governance

5 Review Process

6 Details

7 Details

8 Multiple Choices

9 Each Selection Scored

10 Links Where Needed

11 Question List

12 Results

13 Task Details

14 R&IG Compliance Document

15 Completing Tasks

16 Process Links

17 Cloud Process Cloud Security Alliance Skyhigh Network Matrix
Cloud provider assessments

18 JAS Results Be careful what you wish for… Row Labels Consult
Self-Assess (blank) Grand Total Records & Information Governance 100 41 141 Information Security 123 16 139 Business & IT Continuity 64 70 134 Labor Relations 88 42 130 Enterprise Architecture 29 83 112 Employee Relations 94 7 101 Privacy 59 34 93 Legal - Digital Privacy & Commerce 81 Vendor Governance 24 37 61 Legal - Intellectual Property 20 26 46 35 Third Party Risk Assessment 27 Global Security 3 19 22 Regulatory Computer Validation 13 Health, Safety & Environment (HS&E) 9 Payment Card Industry

19 Challenges Not all assessments created equal Weak project documents
Treat it as a check mark Outliers Project managers not equal Turnover

20 Thank You Randy Moeller moeller. rj@pg. com http://twitter

Download ppt "Managing Compliance Early: System Development"

Similar presentations

IT Security Policy Framework

IT Security Policy Framework
Professional Health and Safety Consultants www.healthandsafety.co.uk Helping your enterprise or your institution with safety management 020 8778 7838 020.

Professional Health and Safety Consultants Helping your enterprise or your institution with safety management
Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: 020 8275 0102 Mobile: 07771 765789.

Stephen Upton – 2 June 2005EURIM Personal Identity Working Group Secure identity – a personal view Stephen Upton Office: Mobile:
STRATEGIC INTELLIGENCE MANAGEMENT Chapter by Ivan Launders, Simon Polovina Chapter 13 - A Semantic Approach to Security Policy Reasoning, Pg. 150.

STRATEGIC INTELLIGENCE MANAGEMENT Chapter by Ivan Launders, Simon Polovina Chapter 13 - A Semantic Approach to Security Policy Reasoning, Pg. 150.
Phone: (919) 573-6132 Fax: (919) 677-8470 21CFR Part 11 FDA Public Meeting Comments Presented by: M. Rita.

Phone: (919) Fax: (919) CFR Part 11 FDA Public Meeting Comments Presented by: M. Rita.
OPM Cybersecurity Competencies by Occupation (Technical Competencies) 2210085508540391 Information Technology Management Series Electronics Engineering.

OPM Cybersecurity Competencies by Occupation (Technical Competencies) Information Technology Management Series Electronics Engineering.
Introduction CSCI102 - Introduction to Information Technology B ITCS905 - Fundamentals of Information Technology.

Introduction CSCI102 - Introduction to Information Technology B ITCS905 - Fundamentals of Information Technology.
2 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.

2 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.
0 Career Opportunities in Public Accounting. Introduction to Deloitte & Touche 1 Deloitte Touche Tohmatsu u Over 100,000 people worldwide u Over 30,000.

0 Career Opportunities in Public Accounting. Introduction to Deloitte & Touche 1 Deloitte Touche Tohmatsu u Over 100,000 people worldwide u Over 30,000.
E-Commerce: Regulatory, Ethical, and Social Environments

E-Commerce: Regulatory, Ethical, and Social Environments
Trade Across the Americas: Bolstering Security and Efficiency Supply Chain Risk Analytics May 2015.

Trade Across the Americas: Bolstering Security and Efficiency Supply Chain Risk Analytics May 2015.
By: Dr. Mohammed Alojail College of Computer Sciences & Information Technology 1.

By: Dr. Mohammed Alojail College of Computer Sciences & Information Technology 1.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
MasterCard Site Data Protection Program Program Alignment.

MasterCard Site Data Protection Program Program Alignment.
No one questions that Microsoft can write great software. Customers want to know if we can be innovative, scalable, reliable in the cloud. (1996) 450M+

No one questions that Microsoft can write great software. Customers want to know if we can be innovative, scalable, reliable in the cloud. (1996) 450M+
SecureAware Building an Information Security Management System.

SecureAware Building an Information Security Management System.
Sai-innovations.com. Why we care about IA Review of Information Management statistics published by Gartner shows  Information is doubling every 2 years.

Sai-innovations.com. Why we care about IA Review of Information Management statistics published by Gartner shows  Information is doubling every 2 years.
SECURITY Is cloud computing secure? Are Microsoft Online Services secure? Is cloud computing secure? Are Microsoft Online Services secure? PRIVACY What.

SECURITY Is cloud computing secure? Are Microsoft Online Services secure? Is cloud computing secure? Are Microsoft Online Services secure? PRIVACY What.
How to Gain Comfort in Losing Control to the Cloud Randolph Barr CSO - Qualys, Inc SourceBoston, 23. April 2010.

How to Gain Comfort in Losing Control to the Cloud Randolph Barr CSO - Qualys, Inc SourceBoston, 23. April 2010.

Similar presentations

Ads by Google