Integrating the IT GRC & Security Function

Presented by

Arno Kapteyn, Managing Consultant IT Governance

About this talk

The classic IT Security Organization is often seen as the “digital border guards”: busy deciding what the firewall settings should be and how to “harden” the server configuration, checking the latest virus and hack-attack methods, and working on defenses. Integrating this Security function with the IT Governance, IT Risk and IT Compliance functions into one GR(S)C function will lead to direct cost reductions, and also to an indirect cost reduction, because the (control) requirements from each of these functions individually can be integrated into one Risk (and Control) approach for the IT Domain. Streamlining the effort will in many cases reduce the effort required from the IT operational organization to implement and assure controls and other risk reduction measures. What does this integration mean for the organization, tasks, skills and processes of the new GRSC function as compared to the current situation? What may you expect during the transition path?

Bio: Arno Kapteyn is Managing Consultant IT Governance. He is a leading expert in the field of IT Governance, Risk and Compliance (GRC) and how to integrate them with IT Security and IT Service Management. His field of expertise is the design and implementation of IT Organizations according to the available open and industry standards.

More from this channel

Increasing expectations for good data governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance for insights on how to implement successful GRC strategies and processes for your organization.