Hi [[ session.user.profile.firstName ]]

A Platform Approach to Simplifying RMF

Cyber Risk Management in the Federal government is a daunting task that requires managing thousands upon thousands of controls and assets, automation between multiple IT and Business lines, and multiple technologies. Legacy approaches create huge amounts of friction, with heavy integration lifts and manual effort inside and outside the system. For efficient and cost-effective RMF automation, a true platform approach is needed - one that brings the Risk and Compliance, IT Service Management, IT Operations Management, Asset Management, Security, and more together in a seamless experience.
Recorded Apr 27 2021 39 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Matthew Fisher, Security & Risk Architect at ServiceNow, Jorge Garcia, Product Manager at ServiceNow
Presentation preview: A Platform Approach to Simplifying RMF

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Making Third-Party Resilience Real with Great American Insurance Group Recorded: May 5 2021 57 mins
    Holly Johnson & Brian Ballman at American Financial Group, Geeta Jhamb at ServiceNow
    The global pandemic put organizations’ business continuity plans to the test. When identifying gaps, inadequate vendor risk management and insufficient resilience planning often top the list. Rectify these issues.

    Join us to learn how to address risk and resilience at every stage in the vendor lifecycle. You’ll get an inside view of how Great American Insurance Group developed an integrated third-party risk management process, as we share:

    - The essential elements of a formal program
    - Steps for aligning vendor risk management to business priorities
    - How to address risk and resilience at every stage in the vendor lifecycle
  • A Platform Approach to Simplifying RMF Recorded: Apr 27 2021 39 mins
    Matthew Fisher, Security & Risk Architect at ServiceNow, Jorge Garcia, Product Manager at ServiceNow
    Cyber Risk Management in the Federal government is a daunting task that requires managing thousands upon thousands of controls and assets, automation between multiple IT and Business lines, and multiple technologies. Legacy approaches create huge amounts of friction, with heavy integration lifts and manual effort inside and outside the system. For efficient and cost-effective RMF automation, a true platform approach is needed - one that brings the Risk and Compliance, IT Service Management, IT Operations Management, Asset Management, Security, and more together in a seamless experience.
  • Beyond Digital Risk – Addressing Operational Risk Recorded: Apr 22 2021 53 mins
    Megan Fusco, Sr Advisory Solution Architect, Risk Practice and Alison Musci, Risk Solutions Sales Executive at ServiceNow
    Once you’ve conquered the challenge of managing your digital risks you may want to embark on the journey of addressing your operational risks. Operational risks are the uncertainties and hazards a company faces in its day-to-day business activities. It can result from breakdowns in internal procedures, people and systems.

    Taking the approach we’ve outlined of crawl, walk, run please watch to learn how you can:
    - Implement a program that engages your front line to identify the small control failures that if left unchecked—can lead to greater risk materialization and firm-wide failures.
    - See ServiceNow GRC Advanced Risk and user-friendly capabilities in action
  • Embracing resiliency for a Strategic advantage Recorded: Apr 15 2021 44 mins
    Stephane Bernard | Hasintha Gunawickrema | Chris Dew | Jayaraj Puthanveedu | Anna Mazzone
    While the joint BOE/FCA paper specifically addresses the financial sector, it offers lessons that impact businesses in every industry and how an organisation manages its response to operational disruptions, is critical to maintaining confidence in the business services it provides and its wider industry partners. ​

    This panel session features industry leaders responsible and accountable for operational resilience including guests from HSBC, Zurich Insurance, BNP Paribas and Euroclear. It is moderated by Anna Mazzone, the Head of ServiceNow’s Risk Business Unit.
  • DORA: Leveraging regulation to mitigate the risks of digital transformation Recorded: Apr 15 2021 36 mins
    Norman Nehls, Severn Consultancy GmbH, Frankfurt | David Vorih, Siemens Financial Services, Munich
    As a result of the pandemic, financial services institutions rely more than ever on their IT infrastructure to provide services to employees and customers.

    In this session, David Vorih, CIO at Siemens Financial Services discusses:
    - How to mitigate the accompanying risks of digital transformation
    - The steps needed to establish an IT-resilient organization
    - What role can or should regulation play in that context?

    Together with Norman Nehls from Severn Consultancy, a firm specialized in regulatory and change projects, David discusses his expectations for the European Commission’s upcoming DORA (Digital Operational Resilience Act) and how it could help his organization improve operations, in financial services as well as across the entire Siemens group.
  • Putting Data & Service Architecture at Heart of Operational Risk & Resilience Recorded: Apr 15 2021 42 mins
    Keith Pearson, ServiceNow | Simon Cox, Lloyds Banking Group
    Before Covid-19 had an unprecedented impact on global financial services, UK regulators were focusing on improving operational resilience. The themes of preparing for, avoiding and recovering from unforeseen events and the need to manage the complexity that this entails through a coherent services-driven data set was seen as being critical to control.

    Keith Pearson is joined by Simon Cox, Technology Resilience, Engineering, & Service Transformation Director at Lloyds Banking Group to discuss:

    - Best practices and benefits of implementing a scalable, sustainable and continuously improving operational resilience programme
    - The importance of having data and technology at the heart of its strategy
  • Operational resilience - future proof for a strategic advantage Recorded: Apr 15 2021 1 min
    Nick Strange, Bank of England | Hannah Gurga, UK Finance | Paul Smith, ServiceNow | Richard Wall, ServiceNow
    The UK is often considered to be forward thinking in identifying risk exposures associated with the adoption of new technology. They have called on the industry to consider, plan and anticipate the potential impact and harm to customers, regulated firms. Along with the wider financial system of failures in their important business services, the systems that support them and the role of the third party and market infrastructure providers.​

    In this session, we'll discuss:

    - The implications of the proposed requirements from the Operational resilience regulation and how the industry is responding
    - The bank’s expectations for minimising disruption to regulated firms and the wider financial system
    - The importance in managing technological change
    - How much more needs to be done for financial services organisations and how much is enough?

    Hannah Gurga, Chief of Staff and Managing Director for Digital, Technology & Cyber, UK Finance leads the conversation with Nick Strange, Senior Technical Specialist, Operational Risk & Resilience, Bank of England.
  • A New Paradigm for Managing Risk in Hybrid Cloud Environments Recorded: Apr 14 2021 54 mins
    Bob Osborn, CTO, Global Government Sector at ServiceNow
    Cybersecurity risk is front and center in the minds of IT professionals and Executives. As businesses struggle to adapt to a remote workforce and rapid digital transformation, forcing greater cloud adoption, cybersecurity concerns are heightened. The big question is, how do you effectively manage cybersecurity risk in uncertain times, hybrid cloud environments, and complex or highly regulated organizations? Frameworks like NIST and ISO provide a baseline, but you’ll need an integrated platform and a new paradigm.

    Join us to learn:
    - Best practices for planning and implementing cybersecurity measures
    - How to connect IT, security, vendors, and the business to continuously monitor risk and compliance - How to improve risk-based decision making, even in the cloud
  • BCM and Operational Resiliency - Innovation and Adoption during a pandemic Recorded: Apr 6 2021 28 mins
    Aaron Callaway, Director, BCM at ServiceNow and Keith Pearson, Head of Financial Services EMEA at ServiceNow
    During uncertain times, you want to ensure you’re building resilience for your critical business operations. Preparing now can help your organization mitigate risk and recover faster from disruptive events.

    Join us as we discuss the lessons learned from COVID-19 and how your organization can help improve its business continuity, crisis response, and return-to-work strategies. Using real-world examples, we’ll explore how you can:

    -Assess and prioritize your most critical business processes.
    -Review your dependencies, likely risks, and potential impacts.
    -Build your business continuity and disaster recovery programs, so you’re empowered for a faster, more efficient recovery.
  • Reporting Risk to the Board: It Doesn’t Have to be a Challenge Recorded: Apr 1 2021 62 mins
    Andrew Wheatley, VP of Audit, Risk, and Compliance; Mark Cockerill, VP of Legal; and Ben de Bont, CISO at ServiceNow
    Privacy and security risks drive many board and audit conversations. However, the ability to effectively communicate these risks is one of the greatest challenges executives face.

    Join Andrew Wheatley our ServiceNow VP of Audit, Risk, and Compliance, Mark Cockerill our VP of Legal, and Ben Du Bont our CISO to discuss:
    - How a modern approach is essential to enabling the individual experts to effectively communicate risks to the board
    - Best practices to prepare for these important meetings
    - How using a common language, processes, controls, and issues management across the company can make the message simple and consistent
  • The Top 3 Areas Where Today’s CISO Needs to Focus Recorded: Mar 24 2021 62 mins
    James Blake, Advisory CISO at ServiceNow
    The Covid-19 pandemic has had a profound effect on almost every aspect of our life: how we work, how we travel, how we shop and how we interact with our friends and families. Even more jarring is that this change happened in a matter of weeks or months, and we still face a great deal of uncertainty.

    During this time the CISO is witnessing their career evolving before their very eyes, with two words dominating their new career paths: resiliency and agility. Although there has already been a seismic shift in the way many businesses operate the tectonic plates have not finished moving. Quite how or even when the ground will settle for the long-term is not entirely clear. What is clear, however, is that the CISO needs to both keep the business safe and be prepared and flexible enough to support the new reality.

    Today’s CISO needs to be empowered to deal with their historical technical and process debt, the reality of the situation today, and the business of the future. Register for this webinar and join us to discuss the top 3 areas today’s CISO needs to be focusing on.
  • Opening Remarks: The Imperative to Manage Risk & Resilience in Real Time Recorded: Mar 11 2021 20 mins
    Vasant Balasubramanian, GM for Risk at ServiceNow
    As we inch toward the end of 2020, one overwhelming takeaway is the need to plan and execute risk management at a different pace - in real time. Business continuity, customer retention, workforce productivity -- these pillars of business success depend on effective operational risk management across the entire organization.

    Join this keynote to learn how to achieve true resilience by overcoming risk silos and embedding risk and compliance processes into daily work.
  • Systemic Risk in Financial Services Recorded: Feb 24 2021 28 mins
    Alla Valente, Forrester | Sean Culbert, EY | Michael Murphy, ServiceNow
    Today’s business environment is characterized by interconnectedness – from the dependences of global markets to interdependent networks of suppliers, partners, and global digitalization. According to Forrester, systemic risk is based upon external events or a system that breaks down and impacts an entire industry or market. In the wake of a global pandemic the repercussions of systemic risks are getting a lot more focus.

    Do you have the systems and tools in place to recognize interconnected data, organizational processes, and service experience chains so you can prepare for, respond to and even mitigate systemic risks? Discover how Forrester defines systemic risk and how ServiceNow and EY help you get ahead of service risk management.

    Alla Valente, Analyst, Security and Risk at Forrester
    Sean Culbert, Principal Financial Services at EY
    Michael Murphy, Global Solution Senior Director, Financial Services & Compliance at ServiceNow
  • Business Continuity: You Can’t Just Buy Another One Recorded: Feb 24 2021 30 mins
    Mike Stolp, Consulting Director, Cask | Nasir Sayed, Senior Solution Architect, Cask
    When something doesn’t work properly, we have the tendency to simply buy another one. But what happens when your business continuity plan isn’t working? Unfortunately, you can’t just buy another one. It might seem impossible to plan for such a large disruption like COVID-19, but with Cask’s proven approach, you’ll learn how to create an effective plan of action to keep your organization on its feet.
    Our approach takes into account industry best practices as well as industry standards as ISO 22301:2019 & ISO 22313:2020 as well as the most current and relevant approaches to threat mitigation.

    Land ahead of the competition by:
    • Learning our agile approach to disaster recovery
    • Pivoting your recovery from survival to thriving
    • Creating a higher degree of stability for your organization
    • Creating a real-world plan to deal with threats including the impact of COVID-19

    Not All Business Continuity Plans are Created Equal
    So what are you supposed to do if you can’t just go buy another BCP? Learn how to strengthen your current plan and make sure it is effective and efficient for your organization.
  • Mitigating 3rd-Party Privacy Risks: Assess, Monitor, and Mitigate Vendor Risk Recorded: Feb 24 2021 58 mins
    Mike DeAndrea, Covestic | Eric Smith, Covestic | Teresa Law, ServiceNow
    Trust But Verify. No matter how much you trust your third-party vendors, it’s essential to verify they have adequate safeguards in place to protect the data they process on your behalf, especially if that data contains Personal information (PI) about your customers.

    U.S. and International privacy laws are unforgiving when it comes to PI, often holding organizations accountable for data breaches caused by or occurring in their vendor ecosystem. Last year, nearly 50% of data breaches involving PI were caused by vendors.

    In this on-demand webinar recording, the Covestic and ServiceNow GRC team will highlight how to leverage your investment in ServiceNow to assess, monitor and mitigate privacy risks in your vendor ecosystem.

    This webinar will cover:

    • Privacy risks introduced by third-party vendors
    • Privacy laws mandating vendor risk management
    • Best practices for overseeing vendor data processing
    • Monitoring and mitigating vendor risk in ServiceNow
    • Live demo: Assessing Vendor Risk in ServiceNow

    Mike DeAndrea, GRC Practitioner and Advisory Solution Architect, Covestic
    Eric Smith, Solutions Consultant, Covestic
    Teresa Law, Risk Product Marketing Director, ServiceNow
  • Building a More Resilient Supply Chain Recorded: Feb 24 2021 36 mins
    Brian Rizman, Partner, Edgile | Teresa Law, Risk Product Marketing Director, ServiceNow
    Join Edgile, an Elite ServiceNow partner as they discuss the importance of building resilience into your supply chain and demonstrates how the Vendor Risk and GRC solutions can be implemented to show quick success. Walk through a demonstration of how Vendor Risk can be used to assess third-party vulnerabilities, the SolarWinds breach is used as an example, in addition to dashboards that can anticipate disruption to the supply chain.

    Brian Rizman, Partner, Edgile
    Teresa Law, Risk Product Marketing Director, ServiceNow
  • 5 Steps to Building a Resilient EHS Program Recorded: Feb 24 2021 26 mins
    Kris Markham, Founder, Serenity EHS | Teresa Law, Risk Product Marketing Director, ServiceNow
    Serenity EHS, a Premier Built On NOW ServiceNow partner, will showcase their ServiceNow certified EHS Compliance Assurance Solution. This new solution helps organizations simplify their EHS regulatory landscape, automate compliance audits, and integrate EHS into their enterprise risk program with ServiceNows GRC applications.

    Kris Markham, co-founder of Serenity EHS will discuss:

    • The challenges of managing EHS compliance in multinational organizations
    • How the Serenity EHS Compliance Assurance solution helps EHS leadership and facility managers identify applicable regulations and automate site inspections and audits
    • How ServiceNow enables organizations to integrate EHS into their Enterprise Risk Program with ServiceNow GRC

    Kris Markham, Founder, Serenity EHS
    Teresa Law, Risk Product Marketing Director, ServiceNow
  • Crawl, Walk, Run: Advance Your ServiceNow GRC Program From Any Maturity Recorded: Feb 23 2021 48 mins
    Cliff Harris, ServiceNow | William Mathies, Edgile | Jay Dial, Edgile
    The biggest challenge many companies in highly-regulated markets face is understanding how to manage GRC/IRM in a way that doesn’t require significant effort to achieve value and truly integrates risk and compliance as a foundation. Join experts from Edgile and ServiceNow for a webinar that will present case studies illustrating the three different stages of the GRC/IRM integration journey. Each segment will include demonstrations explaining how we help companies start a GRC program or move to the next level in their program.

    • Crawl Segment: We share our clients’ successes in building a solid foundation of truly integrated risk and compliance using ServiceNow IRM and the Edgile Automated Regulatory Compliance (ArC) Content.
    • Walk Segment: Highlights techniques to rapidly accelerate dynamic assessments and control testing capabilities, addressing both design and operating effectiveness.
    • Run Segment: Showcases book-end innovations in assurance with the upstream Decision Engine Solution and the downstream Evidence Warehouse.

    Learn how to quickly and consistently rate confidentiality, integrity and availability coupled with a close-loop process of consultation and fulfillment tasks. Explore the process, workflow, guidance and secure containers to help your organization “Assess Once, Test Once, and Satisfy Many” with ‘Evidence Boxes’ assigned to control owners and recurring collection schedules, materially reducing the ‘audit fatigue’ many organizations face when supporting external audits like SOX, PCI and HIPAA to name a few.

    Cliff Harris, GRC Specialist at ServiceNow
    William Mathies, Technical Director at Edgile
    Jay Dial, Senior Manager at Edgile
  • Driving strategic capability in resilience for Financial Services Organisations Recorded: Feb 23 2021 21 mins
    Andrew Husband, Ashley Harris and Neevash Khanna, KPMG
    Operational resilience has long been top of mind for Risk and Security experts in Financial Services. An organization’s ability to effectively respond to, recover from and learn from business disruptions across people, technology, suppliers and facilities is essential - not just for short term success and security but future growth and stability. Join KPMG partner, Andrew Husband, and members of the KPMG team, to learn how to outline your resilience roadmap specific to Financial Services organizations. Topics will cover leading practices in strategy and operating model design, the importance of a data-driven approach to service resilience and the technology required to deliver a scalable and sustainable approach to resilience.

    Andrew Husband, Partner, Operational Transformation at KPMG UK
    Ashley Harris, Director, Financial Services at KPMG UK, Operational Resilience Lead
    Neevash Khanna, Director Management Consulting at KPMG UK
  • Faster Time to Value for Operational Risk and Resilience Implementations Recorded: Feb 23 2021 15 mins
    Manoj Kulwal, Chief Risk Officer at RiskSpotlight
    Successfully achieving operational resilience requires detailed understanding of operational risks that can result in disruption to important business services. In this session, Manoj Kulwal will present how the RiskSpotlight OpRisk Library app can facilitate ServiceNow GRC users to develop a comprehensive library of operational risks aligned with industry best practices. He will share guidance on operational risks that are relevant for achieving operational resilience.
Improve performance, compliance, and continuity across your enterprise
ServiceNow helps power your resilient business with risk-informed decisions integrated across the enterprise so people and organizations work better. ServiceNow enables business continuity by bringing security, risk, and IT together, on one platform—the Now Platform®—suddenly, you’re able to see and prioritize security incidents, vulnerabilities, and enterprise risks more quickly than ever—and with new certainty. You’re able to monitor and reduce your risk exposure with real-time visibility. And you respond faster using workflows, automation, and orchestration.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: A Platform Approach to Simplifying RMF
  • Live at: Apr 27 2021 4:00 pm
  • Presented by: Matthew Fisher, Security & Risk Architect at ServiceNow, Jorge Garcia, Product Manager at ServiceNow
  • From:
Your email has been sent.
or close