Hi [[ session.user.profile.firstName ]]

Managing Risk Across Different Departments with Different Needs

Risk and risk management is pervasive throughout organisations. There are many departments that manage risk and have their unique understanding, models, and views into risk. This makes enterprise and operational risk management a challenge. Organisations fail in enterprise risk management strategies when they force everyone into one flat view of risk, they also fail when they allow different views of risk but do not do risk normalisation and aggregation as they roll-up risk into enterprise reporting.

This webinar details how organisations need to take a federated approach to risk management that allows different departments some level of autonomy and supports their department level risk management strategies but also enable a common information and technology architecture to support overall risk management activities and reporting.

This ‘Expert’ presentation will address the following:
Where and how enterprise risk management fails
How to build an enterprise risk register and show interrelationships of risk
The value of an information and technology risk management architecture
Approaches to risk normalisation and aggregation for accurate enterprise risk reporting.
Recorded Nov 3 2015 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
GRC Pundit Michael Rasmussen, GRC 20/20 accompanied by Richard Hibbert, CEO, SureCloud
Presentation preview: Managing Risk Across Different Departments with Different Needs

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • GDPR - How to embrace PCI’s big brother Recorded: Aug 23 2017 44 mins
    Chief Operations Officer, Nick Rafferty & Head of GRC, Oliver Vistisen
    If your organization stores, processes and transmits cardholder data, PCI’s big brother - the EU General Data Protection Regulation - could affect your ability to do business in the EU.

    Impacted PCI US companies may have EU residents as employees or customers.

    The GDPR has become a primary item on most organizations' agenda this past year, yet a disproportionate amount of focus has fallen on the fines that are set to come in force May 25, 2018.

    We want to take a more optimistic look at the regulation, why it came to be and how it can be a massive opportunity to strengthen your reputation and (re)gain customer confidence. We will also look at how the implementation and ongoing maintenance of compliance can be addressed through an analytical approach to the Articles themselves; the rules of the regulation.

    What attendees will learn:
    • How US ecommerce and other companies involved in payment card transactions can be impacted by the GDPR.
    • Why the world’s most valuable resource is no longer oil, but data.
    • Why the GDPR is far more than a simple check-box compliance exercise.
    •Why the GDPR is a massive opportunity in disguise for organizations who take it seriously.
    •How the GDPR aims to change company culture by turning risk assessments on their head.
    •An analytical breakdown of the GDPR Articles that uncovers those that are applicable to your organization, and how to tackle these through a risk based approach.
    •Key areas of focus for any GDPR program based on personal and client feedback.
    •How to effectively implement GDPR by expanding upon existing compliance programs and management systems (ISO 27001).
  • Let the countdown begin: What does the GDPR mean for US companies? Recorded: May 25 2017 60 mins
    Stephen Bailey, Head of Privacy at NCC Group, Terry Blake, SureCloud EVP – North America, and Nick Rafferty, SureCloud COO.
    Exactly one year from the date of this webinar, the General Data Protection Regulation will take effect in the European Union. The GDPR applies to any organization that stores, processes or transfers the personal data of residents within the EU. It includes organizations located in and outside the EU. Non-compliance can result in fines of more than $20 million or 4% of worldwide revenues, whichever is greater. A recent survey found an alarming percentage of US-based companies are planning to reduce their presence in Europe or exit the European Union altogether rather than deal with the GDPR. Instead of tossing up their hands over the GDPR and going home, strategic US companies can follow the defined steps and adopt software solutions that can bring certainty to these uncertain times. In fact, they see another company’s exit from the EU as a potential opportunity to gain share. The good news is that you’re not too late in getting started to meet the GDPR deadline. But as the countdown begins, urgency escalates. The time to act is now.

    In this webinar, you will learn:
    What the GDPR means for you
    How to get started on your journey to compliance
    How the SureCloud GDPR Applications Suite can help you gain and demonstrate compliance and continuously improve your performance

    Agenda includes plenty of time to address your questions.
  • Third Party Risk: Gaining certainty amid a web of global relationships Recorded: Apr 6 2017 56 mins
    Michael Rasmussen, GRC Analyst at GRC 20/20 and SureCloud's COO, Nick Rafferty
    In today’s interconnected world, organizations struggle to adequately govern risk in third party business relationships. Over half of the organization’s insiders are no longer traditional employees. Insiders now include suppliers, vendors, outsourcers, service providers, contractors, subcontractors, consultants, temporary workers, agents, brokers, dealers, intermediaries, and more. Third party problems are the organization’s problems that directly impact brand, reputation, compliance, strategy, and risk to the organization.

    Join Michael Rasmussen, The GRC Pundit of GRC 20/20, and Nick Rafferty, SureCloud COO, to get an expert view of the challenges companies face and how to gain certainty amid an uncertain web of complex, global relationships.

    In this webinar you will learn:

    Why fragmented approaches to third party governance are doomed to fail
    How inadequate resources can’t keep up with growing risk and regulations
    How document, spreadsheet and email-centric approaches lack current-state analyses and audit trails
    Amid a challenging environment, what to do today by defining a strategy and adopting a single-version-of-the-truth software solution.
    How SureCloud's unique GRC Platform and its Third Party Risk Manager Application can strengthen your assessment process

    Agenda includes plenty of time to address your questions.
  • Data Transfers under the EU GDPR - do you need to comply? Recorded: Mar 15 2017 60 mins
    GDPR Expert at White & Case LLP, Tim Hickman and CEO Richard Hibbert at SureCloud
    Many organisations transfer personal data across borders to both EU and non-EU recipients. The EU General Data Protection Regulation (“GDPR”) imposes strict rules about how such data should be transferred, and applies to many unsuspecting non-EU organisations.

    Join Tim Hickman, GDPR Expert at White & Case LLP and Richard Hibbert, SureCloud CEO, to get the legal perspective on personal data transfers under the GDPR, and practical guidance on how this issue affects your business.

    In this webinar we will:

    Explain what constitutes a data transfer (you may be surprised).

    Identify the different types of data transfer (e.g., internal transfers within a corporate group; external transfers to service providers; etc.) and examine the implications for businesses.

    Examine the pros and cons of each data transfer mechanism (example consent, adequacy, Model Clauses, Binding Corporate Rules, etc.).

    Provide hints and tips on how organisations can prepare for data transfers under the EU GDPR.

    Discuss how SureCloud GDPR Suite can help you achieve compliance with data transfer regulations
  • Ready for GDPR? Learn about challenges and ways to comply Recorded: Feb 1 2017 45 mins
    CEO Richard Hibbert & Head of Products, Oliver Vistisen
    The GDPR comes into force 25 May 2018 and this will have a significant impact on the way in which organisations collect, process and share data. Companies that fail to prepare for the GDPR risk incurring hefty fines of 20m euros or 4% of world-wide revenues, whichever is greatest. As such all organisations need a strategy for GDPR. By implementing a structured approach through the use of cloud-based applications, organisations will be able to effectively achieve and maintain compliance.

    In this webinar we will: explore the key provisions of GDPR, examine the challenges organisations are facing with the new rules, provide guidance for Risk Managers, Compliance Leaders and other IT Professionals on how to approach these challenges, then demonstrate how our cloud-based GDPR Applications Suite can provide effective solutions that ensure your business can achieve and maintain compliance.
  • What is Ransomware and why it's time to simulate an attack? Recorded: Jan 31 2017 35 mins
    Luke Potter (Security Practice Director) & Elliott Thompson (Security Consultant)
    Learn how to detect, prevent and mitigate ransomware attacks. Our experts will cover: the current mitigation strategies, how they are bypassed and why, how attackers perform directly targeted attacks and why it's time for organisations to simulate their own attacks.
  • [Cybersecurity] Our Indigenous Apps: Securing Critical Business Data Recorded: Dec 6 2016 29 mins
    Senior Security Consultant, Christopher Cooper
    Despite the rise of the cloud and increased reliance on web applications, native desktop applications are still highly relevant and often the delivery method of choice in enterprise IT. As penetration testers, we still see a number of very poorly architected native applications being used to protect extremely sensitive information.

    This webcast will discuss some of the core issues relating to native desktop applications, why they are so frequent, and the severe impact that their insecurity can cause.

    In the 2017 threat landscape, we propose that these flaws are not going away, and the industry isn't currently in a position to help developers resolve them effectively.
  • [Security Strategy] Risk Manager for IRAM2 Application Recorded: Nov 17 2016 46 mins
    COO, Nick Rafferty & Head of Products, Oliver Vistisen
    SureCloud has worked with key ISF community members to develop an application (Risk Manager for IRAM2) that helps to consolidate the IRAM2 risk assessment process.

    This application complements the ISF's world class methodology that help risk practitioners as well as other business and technology leaders to apply a simple, practical, rigorous approach to managing risks.
  • Policy-driven, Risk-based Security Recorded: May 11 2016 19 mins
    Audrey Gilchrist - GRC Team Leader at SureCloud and Amanda Ewing - Security Assurance Manager at Dentsu Aegis Network
    Policy is the corner stone of any risk-based security programme. Policies are put in place not only to govern the way organisations operate, but also to mitigate risks, and as such require board level backing and sign-off. Yet when it comes to security programmes information risk, both internally and externally, is often presented in terms un-meaningful to the board of directors. Using real world example, this session will present a model for effective risk-based security that engages senior executives.
  • The Evolution of the Penetration Test Recorded: Apr 12 2016 23 mins
    Toby Scott-Jackson, Principle Security Consultant, SureCloud and Chris Cooper, Senior Security Consultant, SureCloud
    The confluence of sophisticated cyber criminals, white hats and technological change means organisations are increasingly exposed to weaknesses and vulnerabilities in their networks, devices and applications.

    With a combination of expert security commentary and vulnerability trends, SureCloud will reveal the sophisticated nature of the latest attacks and what the future may hold. We will focus on modern exploits that go beyond the typical network and web application attack vectors.

    SureCloud will describe how organisations need to change their attitudes to security testing, considering the frequency and scope of assessments, and act on results in a timelier manner.
  • Internal Audit at a Breaking Point: How to Manage the Growing Array of Audits Recorded: Dec 15 2015 47 mins
    GRC Analyst Michael Rasmussen, GRC 20/20 accompanied by Nick Rafferty, COO, SureCloud
    Internal audit is in a constant state of transformation. Audit departments are being asked to do more audits, provide assurance on business operations and risk management, evaluate compliance, and advise the organisation with limited audit resources.

    They are challenged with a growing array of audits that go beyond financial audits to provide assurance through IT audits, operational audits, quality assurance audits, third party audits, and more. This demands that Audit have processes supported by an information and technology architecture that drives efficiency, effectiveness, and agility in audit processes and tasks.


    This webinar details how organisations need to take an agile approach to internal audit management that allows for a growing array of audits on an agile information and technology architecture to support internal audit management activities and reporting.

    This ‘Expert’ presentation will address the following:

    • Where and how internal audit is strained
    • How to integrate a risk-based approach to audits as well as a cyclical audit plan
    • The value of an information and technology audit management architecture
    • Best practices in internal audit management
  • Managing Risk Across Different Departments with Different Needs Recorded: Nov 3 2015 47 mins
    GRC Pundit Michael Rasmussen, GRC 20/20 accompanied by Richard Hibbert, CEO, SureCloud
    Risk and risk management is pervasive throughout organisations. There are many departments that manage risk and have their unique understanding, models, and views into risk. This makes enterprise and operational risk management a challenge. Organisations fail in enterprise risk management strategies when they force everyone into one flat view of risk, they also fail when they allow different views of risk but do not do risk normalisation and aggregation as they roll-up risk into enterprise reporting.

    This webinar details how organisations need to take a federated approach to risk management that allows different departments some level of autonomy and supports their department level risk management strategies but also enable a common information and technology architecture to support overall risk management activities and reporting.

    This ‘Expert’ presentation will address the following:
    Where and how enterprise risk management fails
    How to build an enterprise risk register and show interrelationships of risk
    The value of an information and technology risk management architecture
    Approaches to risk normalisation and aggregation for accurate enterprise risk reporting.
  • Third Party Risk Management: an effective, efficient, and agile approach Recorded: Jul 21 2015 43 mins
    Michael Rasmussen, The GRC Pundit, GRC 20/20 and Nick Rafferty, Chief Operating Officer, SureCloud
    Organisations across all sectors are dealing with a growing array of third party/vendor relationships. Even obscure supplier relationships can have significant impact on security, risk and compliance. The Target credit card breach is one example in which a heating and air conditioning supplier was the doorway in to a significant breach of a point of sale system and theft of credit card data. Organisations have to manage risk across their third party supplier relationships but are limited in the resources they can devote to this.

    This 'Expert' webinar will address the following:-

    o Understand the growing array of third party relationships
    o The impact of third party relationships on security, risk and compliance
    o Elements of an effective, efficient, and agile vendor risk management process
    o How other areas of the organisation can leverage a common approach to third party risk management

    Attend this webinar if:-

    o You are concerned by the growing number of third party supplier relationships
    o You realise your risk and compliance exposure is growing because of these relationships
    o You need to be able to manage supplier risk but cannot recruit more staff to do so
    o You desire the need to know how to keep current in a dynamic environment of third party relationships
Remove reliance on spreadsheet processes
SureCloud is a provider of GRC Applications and Cybersecurity Services. Our Cloud Platform has helped 100s of blue chip businesses and 1,000s of users to improve productivity and efficiency by replacing and automating spreadsheet based risk and compliance processes.

In addition, our cybersecurity testing and assurance services team help organisations secure their information assets, systems and networks as well as providing a holistic view of cyber risk using the SureCloud Platform

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Managing Risk Across Different Departments with Different Needs
  • Live at: Nov 3 2015 3:00 pm
  • Presented by: GRC Pundit Michael Rasmussen, GRC 20/20 accompanied by Richard Hibbert, CEO, SureCloud
  • From:
Your email has been sent.
or close