SlideShare a Scribd company logo

Managing Risk in IT

•
•
NTEN
NTEN
BusinessEconomy & Finance
1 of 40
Download to read offline
Managing Risk in IT #12NTCRISK Richard D. Wollenberger Jay L. Seagren Managing Risk in IT Slide 1
Evaluate This Session! Each entry is a chance to win an NTEN engraved iPad! or Online using <#NTC12RISK> at www.nten.org/ntc/eval Managing Risk in IT Slide 2
Managing IT Risk in a small- medium sized organization Managing Risk in IT Slide 3
Managing Risk in IT • Introductions • What is risk management? • Budgets • Integration with business needs • Managing Staff • Managing the computing environment Managing Risk in IT Slide 4
Who are we? Richard Wollenberger Director of Information Technology Parents as Teachers national office richard.wollenberger@parentsasteachers.org Jay Seagren Senior Manager, Enterprise Systems, The Pew Charitable Trusts jseagren@pewtrusts.org Managing Risk in IT Slide 5
Who’s here today • Organization size? • Accidental techie? • # of IT staff? Managing Risk in IT Slide 6
IT Resources Managing Risk in IT Slide 7
What is Risk Management? • Origins of risks – From the ancient Italian word riscare – The study of risk began during the Renaissance – Daniel Bernoulli – Harry Markowitz Managing Risk in IT Slide 8
What does this have to do with IT? • Every decision you make is about managing some kind of risk – Which AV system will protect your staff? – Which backup system will be easy to use (restore from) during an emergency situation? – MS vs. Google? – Voice/data connections – Firewall Managing Risk in IT Slide 9
Budgets • Every penny you spend in IT is NOT spent on your mission – Track every expense related to: • Computer hw/sw • Internet connectivity • Telephone & fax • Printing & copying • Training – end user – Tech staff (yes, you need ongoing training) Managing Risk in IT Slide 10
Budget Resources • www.itlever.com – (search for budget or budgeting) • IT Management – (http://itmanagerinstitute.com/free-ebook) • Tech Republic – (link in slide show) Managing Risk in IT Slide 11
Integration with the business • You have to sit at the table • Strategic planning • You are there to support them • You are there to improve processes and make it easier • You are there to look for cost efficiencies – Hard and soft dollar • Business continuity (disaster planning) Managing Risk in IT Slide 12
Sit at the table • Be a partner with the business • Have a Service Level Agreement (SLA) so your “customers” know what to expect Managing Risk in IT Slide 13
Strategic planning • Why is this important? – Strategic planning drives the business, and you need to be helping steer. Managing Risk in IT Slide 14
Who they gonna call? Managing Risk in IT Slide 15
What do you need to do? • Improve business processes • Find hard and soft dollar cost efficiencies Managing Risk in IT Slide 16
Staffing • Are you an “Accidental Techie?” • Do you manage other IT staff? Managing Risk in IT Slide 17
Managing Risk in IT Slide 18
Outsourcing vs. Insourcing Services • Office and Collaboration • Help desk • Constituent Management • Security • Server and Network Managing Risk in IT Slide 19
Office and Collaboration • Google Apps (Low Risk) – Free for non-profits <3000 users – Now online and offline (Chrome) – Bonus: Postini spam filter Managing Risk in IT Slide 20
Office and Collaboration • Office 365 (Medium Risk) – Requires desktop client – Per seat costs ($6-$27/user/month) – Bonus: SharePoint Managing Risk in IT Slide 21
Help Desk • (low risk – it’s free) • (med risk - about $20/seat/month) • (med risk – new version not available yet – check for pricing with Techsoup.org) Managing Risk in IT Slide 22
Constituent Management • (low risk) – $200 - $475/month • (medium risk) – 10 licenses free, >10 80% discount – Nonprofit Starter pack (free) Managing Risk in IT Slide 23
Security • Virus protection – Symantec ($25/yr) – McAfee ($30/yr) – Microsoft System Essentials • Free for <10 PCs – Microsoft Forefront Endpoint ($20/seat) Managing Risk in IT Slide 24
Disaster Planning • This is not good: Managing Risk in IT Slide 25
Disaster Planning and Recovery • Disaster Planning – Scope of plan • Room, building, city, region • Disaster Recovery – Online backup and recovery – Pricing terms – Amazon Web Services • (http://media.amazonwebservices.com/AWS _Pricing_Overview.pdf) Managing Risk in IT Slide 26
Server and Network • Specs – What you want vs. what you need • Tools – Is the cloud right for your organization? • Processes • Procedures • Change management • Regulation and law compliance Managing Risk in IT Slide 27
Server and Network – cont. • Duplicate and mirrored services • 2 separate data centers • Different geographic and power grid zones • Carbon copying between the two • 3rd Party DNS can route to different data centers upon failure Managing Risk in IT Slide 28
3rd Party Providers Managing Risk in IT Slide 29
3rd Party Providers • Financial pressure and offsite delivery model drive the need • Risk Management starts with Sourcing, continues with Contracting and finally Vendor Management • Extend your in-house staff seamlessly if managed well Managing Risk in IT Slide 30
3rd Party Providers – cont. • Growing number of delivery models, specialized services and budget pressure are driving more reliance on 3rd party service providers • 25% of IT budgets are now going to 3rd party providers • Over 50% of IT managers surveyed will increase their budget on SAAS providers. Managing Risk in IT Slide 31
3rd Party Providers – cont. • Areas of Risk and Mitigation: – Data Security – Stability of provider and their service – Your brand and reputation – Legal and Professional liability Managing Risk in IT Slide 32
3rd Party Providers – cont. • Data Security • Privacy policies in contract • Vendor audit • Internal training on Data Security awareness • Sensitive information (e.g. High Wealth Donors) may warrant DLP Managing Risk in IT Slide 33
3rd Party Providers – cont. • Stability of provider • Basic Balance sheet and Cash Flow analysis • Bankruptcy, M and A • Stability of service • Service Levels objectives in contract • Incentives and discounts/refunds • Vendor Scorecards Managing Risk in IT Slide 34
3rd Party Providers – cont. Managing Risk in IT Slide 35
3rd Party Providers – cont. • Brand reputation • Brand usage built in to contracts • On site risk assessment • Deliverable reviews Managing Risk in IT Slide 36
3rd Party Providers – cont. • Legal and Professional liability • Business Continuity plan review • Standardized best practices • Standard Legal Terms and Conditions Managing Risk in IT Slide 37
Managing Risk in IT Conclusion • Be partner with business • Make risk management strategic • Evaluate outsourced and cloud offerings • Follow Best Practices • Use Best of Breed • Utilize 3rd party providers wisely Managing Risk in IT Slide 38
Managing IT Risk in a small- medium sized organization Managing Risk in IT Slide 39
Evaluate This Session! Each entry is a chance to win an NTEN engraved iPad! or Online using <#NTC12RISK> at www.nten.org/ntc/eval Managing Risk in IT Slide 40

Recommended

Mis 2 dss
Mis 2 dssMis 2 dss
Mis 2 dssakhilesh420
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessJoel Cardella
 
Crisis Communications, Social Media and Notification Systems Webinar - Core C...
Crisis Communications, Social Media and Notification Systems Webinar - Core C...Crisis Communications, Social Media and Notification Systems Webinar - Core C...
Crisis Communications, Social Media and Notification Systems Webinar - Core C...CORE Consulting
 
Slide01 introductory
Slide01 introductorySlide01 introductory
Slide01 introductoryKolej Komuniti
 
Ch12
Ch12Ch12
Ch12Abha Damani
 
HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT
HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT
HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT Continuity and Resilience
 
Chapter 8 Mis Decision Support System
Chapter 8 Mis Decision Support SystemChapter 8 Mis Decision Support System
Chapter 8 Mis Decision Support Systemmanagement 2
 
Software Project Implementation
Software Project Implementation Software Project Implementation
Software Project Implementation Joel Okomoli
 

Recommended

Mis 2 dss
Mis 2 dssMis 2 dss
Mis 2 dssakhilesh420
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessJoel Cardella
 
Crisis Communications, Social Media and Notification Systems Webinar - Core C...
Crisis Communications, Social Media and Notification Systems Webinar - Core C...Crisis Communications, Social Media and Notification Systems Webinar - Core C...
Crisis Communications, Social Media and Notification Systems Webinar - Core C...CORE Consulting
 
Slide01 introductory
Slide01 introductorySlide01 introductory
Slide01 introductoryKolej Komuniti
 
Ch12
Ch12Ch12
Ch12Abha Damani
 
HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT
HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT
HOW TO PLAN AND MANAGE A BCM AND IT DR PROJECT Continuity and Resilience
 
Chapter 8 Mis Decision Support System
Chapter 8 Mis Decision Support SystemChapter 8 Mis Decision Support System
Chapter 8 Mis Decision Support Systemmanagement 2
 
Software Project Implementation
Software Project Implementation Software Project Implementation
Software Project Implementation Joel Okomoli
 
Business oriented risk management approach luĂ­s martins
Business oriented risk management approach luĂ­s martinsBusiness oriented risk management approach luĂ­s martins
Business oriented risk management approach luĂ­s martinsLuis Martins
 
Mis & Decision Making
Mis & Decision MakingMis & Decision Making
Mis & Decision MakingArun Mishra
 
A Study of Automated Decision Making Systems
A Study of Automated Decision Making SystemsA Study of Automated Decision Making Systems
A Study of Automated Decision Making Systemsinventy
 
DSS and decision support system and its types
DSS and decision support system and its typesDSS and decision support system and its types
DSS and decision support system and its typesHammalAkhtar
 
Crisis Management Training by Iowa State University
Crisis Management Training by Iowa State UniversityCrisis Management Training by Iowa State University
Crisis Management Training by Iowa State UniversityAtlantic Training, LLC.
 
Why your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramWhy your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramPECB
 
Security challenges in 2017
Security challenges in 2017Security challenges in 2017
Security challenges in 2017Etienne Liebetrau
 
Decision support system
Decision support systemDecision support system
Decision support systemDivyaNathani1
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004Donald E. Hester
 
Selling Data Security Technology
Selling Data Security TechnologySelling Data Security Technology
Selling Data Security TechnologyFlaskdata.io
 
Mis chapter 2 infomation, management and decision making
Mis chapter 2 infomation, management and decision makingMis chapter 2 infomation, management and decision making
Mis chapter 2 infomation, management and decision makingAjay Khot
 
Gartner Security &amp; Risk Management Summit Brochure
Gartner Security &amp; Risk Management Summit BrochureGartner Security &amp; Risk Management Summit Brochure
Gartner Security &amp; Risk Management Summit Brochuretrunko
 
Community IT Innovators - BYOD for Nonprofits
Community IT Innovators - BYOD for NonprofitsCommunity IT Innovators - BYOD for Nonprofits
Community IT Innovators - BYOD for NonprofitsCommunity IT Innovators
 
MIS & DSS
MIS & DSSMIS & DSS
MIS & DSSAmity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
Security and Business Continuity Working Together
Security and Business Continuity Working TogetherSecurity and Business Continuity Working Together
Security and Business Continuity Working Togethercharliemb2
 
Survivors
SurvivorsSurvivors
Survivorscharlesadams
 
Unit 1 DSS
Unit 1 DSSUnit 1 DSS
Unit 1 DSSsamkalra-1992
 
Dss
DssDss
DssKeshaw Kumar Sahu
 
Mis student version 2013
Mis student version 2013Mis student version 2013
Mis student version 2013Aamera Khan
 
Designing Online Engagement to Collaborate with Your Community
Designing Online Engagement to Collaborate with Your CommunityDesigning Online Engagement to Collaborate with Your Community
Designing Online Engagement to Collaborate with Your CommunityNTEN
 
CIL Legal Update- Oliver Martin, RTPI West Midlands CPD
CIL Legal Update- Oliver Martin, RTPI West Midlands CPDCIL Legal Update- Oliver Martin, RTPI West Midlands CPD
CIL Legal Update- Oliver Martin, RTPI West Midlands CPDDesign South East
 
The new health landscape- Paul Southon, RTPI CPD June13
The new health landscape- Paul Southon, RTPI CPD June13The new health landscape- Paul Southon, RTPI CPD June13
The new health landscape- Paul Southon, RTPI CPD June13Design South East
 

More Related Content

What's hot

Business oriented risk management approach luĂ­s martins
Business oriented risk management approach luĂ­s martinsBusiness oriented risk management approach luĂ­s martins
Business oriented risk management approach luĂ­s martinsLuis Martins
 
Mis & Decision Making
Mis & Decision MakingMis & Decision Making
Mis & Decision MakingArun Mishra
 
A Study of Automated Decision Making Systems
A Study of Automated Decision Making SystemsA Study of Automated Decision Making Systems
A Study of Automated Decision Making Systemsinventy
 
DSS and decision support system and its types
DSS and decision support system and its typesDSS and decision support system and its types
DSS and decision support system and its typesHammalAkhtar
 
Crisis Management Training by Iowa State University
Crisis Management Training by Iowa State UniversityCrisis Management Training by Iowa State University
Crisis Management Training by Iowa State UniversityAtlantic Training, LLC.
 
Why your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramWhy your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramPECB
 
Security challenges in 2017
Security challenges in 2017Security challenges in 2017
Security challenges in 2017Etienne Liebetrau
 
Decision support system
Decision support systemDecision support system
Decision support systemDivyaNathani1
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004Donald E. Hester
 
Selling Data Security Technology
Selling Data Security TechnologySelling Data Security Technology
Selling Data Security TechnologyFlaskdata.io
 
Mis chapter 2 infomation, management and decision making
Mis chapter 2 infomation, management and decision makingMis chapter 2 infomation, management and decision making
Mis chapter 2 infomation, management and decision makingAjay Khot
 
Gartner Security &amp; Risk Management Summit Brochure
Gartner Security &amp; Risk Management Summit BrochureGartner Security &amp; Risk Management Summit Brochure
Gartner Security &amp; Risk Management Summit Brochuretrunko
 
Community IT Innovators - BYOD for Nonprofits
Community IT Innovators - BYOD for NonprofitsCommunity IT Innovators - BYOD for Nonprofits
Community IT Innovators - BYOD for NonprofitsCommunity IT Innovators
 
Security and Business Continuity Working Together
Security and Business Continuity Working TogetherSecurity and Business Continuity Working Together
Security and Business Continuity Working Togethercharliemb2
 
Mis student version 2013
Mis student version 2013Mis student version 2013
Mis student version 2013Aamera Khan
 

What's hot (19)

Business oriented risk management approach luĂ­s martins
Business oriented risk management approach luĂ­s martinsBusiness oriented risk management approach luĂ­s martins
Business oriented risk management approach luĂ­s martins
 
Mis & Decision Making
Mis & Decision MakingMis & Decision Making
Mis & Decision Making
 
A Study of Automated Decision Making Systems
A Study of Automated Decision Making SystemsA Study of Automated Decision Making Systems
A Study of Automated Decision Making Systems
 
DSS and decision support system and its types
DSS and decision support system and its typesDSS and decision support system and its types
DSS and decision support system and its types
 
Crisis Management Training by Iowa State University
Crisis Management Training by Iowa State UniversityCrisis Management Training by Iowa State University
Crisis Management Training by Iowa State University
 
Why your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity ProgramWhy your Information Security MUST mesh with your Business Continuity Program
Why your Information Security MUST mesh with your Business Continuity Program
 
Security challenges in 2017
Security challenges in 2017Security challenges in 2017
Security challenges in 2017
 
Decision support system
Decision support systemDecision support system
Decision support system
 
IT Business Continuity Planning 2004
IT Business Continuity Planning 2004IT Business Continuity Planning 2004
IT Business Continuity Planning 2004
 
Selling Data Security Technology
Selling Data Security TechnologySelling Data Security Technology
Selling Data Security Technology
 
Mis chapter 2 infomation, management and decision making
Mis chapter 2 infomation, management and decision makingMis chapter 2 infomation, management and decision making
Mis chapter 2 infomation, management and decision making
 
Gartner Security &amp; Risk Management Summit Brochure
Gartner Security &amp; Risk Management Summit BrochureGartner Security &amp; Risk Management Summit Brochure
Gartner Security &amp; Risk Management Summit Brochure
 
Community IT Innovators - BYOD for Nonprofits
Community IT Innovators - BYOD for NonprofitsCommunity IT Innovators - BYOD for Nonprofits
Community IT Innovators - BYOD for Nonprofits
 
MIS & DSS
MIS & DSSMIS & DSS
MIS & DSS
 
Security and Business Continuity Working Together
Security and Business Continuity Working TogetherSecurity and Business Continuity Working Together
Security and Business Continuity Working Together
 
Survivors
SurvivorsSurvivors
Survivors
 
Unit 1 DSS
Unit 1 DSSUnit 1 DSS
Unit 1 DSS
 
Dss
DssDss
Dss
 
Mis student version 2013
Mis student version 2013Mis student version 2013
Mis student version 2013
 

Viewers also liked

Designing Online Engagement to Collaborate with Your Community
Designing Online Engagement to Collaborate with Your CommunityDesigning Online Engagement to Collaborate with Your Community
Designing Online Engagement to Collaborate with Your CommunityNTEN
 
CIL Legal Update- Oliver Martin, RTPI West Midlands CPD
CIL Legal Update- Oliver Martin, RTPI West Midlands CPDCIL Legal Update- Oliver Martin, RTPI West Midlands CPD
CIL Legal Update- Oliver Martin, RTPI West Midlands CPDDesign South East
 
The new health landscape- Paul Southon, RTPI CPD June13
The new health landscape- Paul Southon, RTPI CPD June13The new health landscape- Paul Southon, RTPI CPD June13
The new health landscape- Paul Southon, RTPI CPD June13Design South East
 
Vocational Architecture Learning Network
Vocational Architecture Learning NetworkVocational Architecture Learning Network
Vocational Architecture Learning NetworkDesign South East
 
Introduction To Designing Online Community Nov09
Introduction To Designing Online Community Nov09Introduction To Designing Online Community Nov09
Introduction To Designing Online Community Nov09Nancy Wright White
 
Creating great places David Engwicht oct 2011
Creating great places David Engwicht oct 2011Creating great places David Engwicht oct 2011
Creating great places David Engwicht oct 2011Design South East
 

Viewers also liked (7)

Designing Online Engagement to Collaborate with Your Community
Designing Online Engagement to Collaborate with Your CommunityDesigning Online Engagement to Collaborate with Your Community
Designing Online Engagement to Collaborate with Your Community
 
CIL Legal Update- Oliver Martin, RTPI West Midlands CPD
CIL Legal Update- Oliver Martin, RTPI West Midlands CPDCIL Legal Update- Oliver Martin, RTPI West Midlands CPD
CIL Legal Update- Oliver Martin, RTPI West Midlands CPD
 
The new health landscape- Paul Southon, RTPI CPD June13
The new health landscape- Paul Southon, RTPI CPD June13The new health landscape- Paul Southon, RTPI CPD June13
The new health landscape- Paul Southon, RTPI CPD June13
 
Lichen planus afroamerican people
Lichen planus afroamerican peopleLichen planus afroamerican people
Lichen planus afroamerican people
 
Vocational Architecture Learning Network
Vocational Architecture Learning NetworkVocational Architecture Learning Network
Vocational Architecture Learning Network
 
Introduction To Designing Online Community Nov09
Introduction To Designing Online Community Nov09Introduction To Designing Online Community Nov09
Introduction To Designing Online Community Nov09
 
Creating great places David Engwicht oct 2011
Creating great places David Engwicht oct 2011Creating great places David Engwicht oct 2011
Creating great places David Engwicht oct 2011
 

Similar to Managing Risk in IT

Does IT Security Matter?
Does IT Security Matter?Does IT Security Matter?
Does IT Security Matter?Luke O'Connor
 
IT Risk Management
IT Risk ManagementIT Risk Management
IT Risk ManagementTudor Damian
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...PECB
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management Ersoy AKSOY
 
Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14
Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14
Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14Karim Network
 
Information technology risks
Information technology risksInformation technology risks
Information technology riskssalman butt
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Cristian Garcia G.
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItMarc Crudgington, MBA
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItResilient Systems
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challengeFERMA
 
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...Judith Beckhard Cardoso
 
Cytegic presentation 02 12
Cytegic presentation 02 12Cytegic presentation 02 12
Cytegic presentation 02 12Cytegic
 
GDPR - no beginning no end
GDPR - no beginning no endGDPR - no beginning no end
GDPR - no beginning no endExove
 
Stay Ahead of Threats with Advanced Security Protection - Fortinet
Stay Ahead of Threats with Advanced Security Protection - FortinetStay Ahead of Threats with Advanced Security Protection - Fortinet
Stay Ahead of Threats with Advanced Security Protection - FortinetMarcoTechnologies
 
GDPR: The Application Security Twist
GDPR: The Application Security TwistGDPR: The Application Security Twist
GDPR: The Application Security TwistSecurity Innovation
 
Has visibility of user experience become clouded by complexity?
Has visibility of user experience become clouded by complexity?Has visibility of user experience become clouded by complexity?
Has visibility of user experience become clouded by complexity?nexthink
 
Digital Operations Service Design
Digital Operations Service DesignDigital Operations Service Design
Digital Operations Service DesignNVISIA
 
Staying Safe In A Quickly Evolving World
Staying Safe In A Quickly Evolving WorldStaying Safe In A Quickly Evolving World
Staying Safe In A Quickly Evolving Worldbrian andrews
 

Similar to Managing Risk in IT (20)

Does IT Security Matter?
Does IT Security Matter?Does IT Security Matter?
Does IT Security Matter?
 
IT Risk Management
IT Risk ManagementIT Risk Management
IT Risk Management
 
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
Advanced Cybersecurity Risk Management: How to successfully address your Cybe...
 
Information Security Risk Management
Information Security Risk Management Information Security Risk Management
Information Security Risk Management
 
Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14
Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14
Datacenter event - pitch - Easy Virt - martin dargent - 15-09-14
 
Information technology risks
Information technology risksInformation technology risks
Information technology risks
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify It
 
Today's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About ItToday's Breach Reality, The IR Imperative, And What You Can Do About It
Today's Breach Reality, The IR Imperative, And What You Can Do About It
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Meeting the cyber risk challenge
Meeting the cyber risk challengeMeeting the cyber risk challenge
Meeting the cyber risk challenge
 
CIO 360 grados: empoderamiento total
CIO 360 grados: empoderamiento totalCIO 360 grados: empoderamiento total
CIO 360 grados: empoderamiento total
 
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
A holistic approach to risk management 20210210 w acfe france &amp; cyber rea...
 
Cytegic presentation 02 12
Cytegic presentation 02 12Cytegic presentation 02 12
Cytegic presentation 02 12
 
GDPR - no beginning no end
GDPR - no beginning no endGDPR - no beginning no end
GDPR - no beginning no end
 
Stay Ahead of Threats with Advanced Security Protection - Fortinet
Stay Ahead of Threats with Advanced Security Protection - FortinetStay Ahead of Threats with Advanced Security Protection - Fortinet
Stay Ahead of Threats with Advanced Security Protection - Fortinet
 
GDPR: The Application Security Twist
GDPR: The Application Security TwistGDPR: The Application Security Twist
GDPR: The Application Security Twist
 
Has visibility of user experience become clouded by complexity?
Has visibility of user experience become clouded by complexity?Has visibility of user experience become clouded by complexity?
Has visibility of user experience become clouded by complexity?
 
Digital Operations Service Design
Digital Operations Service DesignDigital Operations Service Design
Digital Operations Service Design
 
Staying Safe In A Quickly Evolving World
Staying Safe In A Quickly Evolving WorldStaying Safe In A Quickly Evolving World
Staying Safe In A Quickly Evolving World
 

More from NTEN

17NTC Overall Speaker Timelines
17NTC Overall Speaker Timelines17NTC Overall Speaker Timelines
17NTC Overall Speaker TimelinesNTEN
 
17NTC Speaker Orientation Call
17NTC Speaker Orientation Call17NTC Speaker Orientation Call
17NTC Speaker Orientation CallNTEN
 
Call for 17NTC Session Proposals
Call for 17NTC Session ProposalsCall for 17NTC Session Proposals
Call for 17NTC Session ProposalsNTEN
 
2015 Leading Change Summit: Making the Most of LCS
2015 Leading Change Summit: Making the Most of LCS2015 Leading Change Summit: Making the Most of LCS
2015 Leading Change Summit: Making the Most of LCSNTEN
 
Community Organizing Tools from the Experts Webinar
Community Organizing Tools from the Experts WebinarCommunity Organizing Tools from the Experts Webinar
Community Organizing Tools from the Experts WebinarNTEN
 
2013 Nonprofit Engagement Data Management Study: A Graphic Report
2013 Nonprofit Engagement Data Management Study: A Graphic Report2013 Nonprofit Engagement Data Management Study: A Graphic Report
2013 Nonprofit Engagement Data Management Study: A Graphic ReportNTEN
 
2012 State of Nonprofit Data Report
2012 State of Nonprofit Data Report2012 State of Nonprofit Data Report
2012 State of Nonprofit Data ReportNTEN
 
Smart Technology Investment for Nonprofits
Smart Technology Investment for NonprofitsSmart Technology Investment for Nonprofits
Smart Technology Investment for NonprofitsNTEN
 
Social Media for Social Good - NCVS Pre-Con Workshp
Social Media for Social Good - NCVS Pre-Con WorkshpSocial Media for Social Good - NCVS Pre-Con Workshp
Social Media for Social Good - NCVS Pre-Con WorkshpNTEN
 
Ready, Fire, Aim
Ready, Fire, AimReady, Fire, Aim
Ready, Fire, AimNTEN
 
But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...
But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...
But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...NTEN
 
The Story of Stuff: How an Environmental Campaigner to New Media Mogul
The Story of Stuff: How an Environmental Campaigner to New Media MogulThe Story of Stuff: How an Environmental Campaigner to New Media Mogul
The Story of Stuff: How an Environmental Campaigner to New Media MogulNTEN
 
Better Nonprofit Websites: 52 Tweaks in 52 Weeks
Better Nonprofit Websites: 52 Tweaks in 52 WeeksBetter Nonprofit Websites: 52 Tweaks in 52 Weeks
Better Nonprofit Websites: 52 Tweaks in 52 WeeksNTEN
 
Practical Problem Solving Using Mobile Technology
Practical Problem Solving Using Mobile TechnologyPractical Problem Solving Using Mobile Technology
Practical Problem Solving Using Mobile TechnologyNTEN
 
Zen and Art of Workflow Development
Zen and Art of Workflow DevelopmentZen and Art of Workflow Development
Zen and Art of Workflow DevelopmentNTEN
 
12 nt cviz
12 nt cviz12 nt cviz
12 nt cvizNTEN
 
Tips and Tools for Technology Planning
Tips and Tools for Technology PlanningTips and Tools for Technology Planning
Tips and Tools for Technology PlanningNTEN
 
Technology Governance: Smart, Sexy and Simple in Seven Steps
Technology Governance: Smart, Sexy and Simple in Seven StepsTechnology Governance: Smart, Sexy and Simple in Seven Steps
Technology Governance: Smart, Sexy and Simple in Seven StepsNTEN
 
Social Network Fundraising: Facts, Myths, and Strategies that Work
Social Network Fundraising: Facts, Myths, and Strategies that WorkSocial Network Fundraising: Facts, Myths, and Strategies that Work
Social Network Fundraising: Facts, Myths, and Strategies that WorkNTEN
 
Maturing Your Organization's Social Culture... by Creating a Policy?
Maturing Your Organization's Social Culture... by Creating a Policy?Maturing Your Organization's Social Culture... by Creating a Policy?
Maturing Your Organization's Social Culture... by Creating a Policy?NTEN
 

More from NTEN (20)

17NTC Overall Speaker Timelines
17NTC Overall Speaker Timelines17NTC Overall Speaker Timelines
17NTC Overall Speaker Timelines
 
17NTC Speaker Orientation Call
17NTC Speaker Orientation Call17NTC Speaker Orientation Call
17NTC Speaker Orientation Call
 
Call for 17NTC Session Proposals
Call for 17NTC Session ProposalsCall for 17NTC Session Proposals
Call for 17NTC Session Proposals
 
2015 Leading Change Summit: Making the Most of LCS
2015 Leading Change Summit: Making the Most of LCS2015 Leading Change Summit: Making the Most of LCS
2015 Leading Change Summit: Making the Most of LCS
 
Community Organizing Tools from the Experts Webinar
Community Organizing Tools from the Experts WebinarCommunity Organizing Tools from the Experts Webinar
Community Organizing Tools from the Experts Webinar
 
2013 Nonprofit Engagement Data Management Study: A Graphic Report
2013 Nonprofit Engagement Data Management Study: A Graphic Report2013 Nonprofit Engagement Data Management Study: A Graphic Report
2013 Nonprofit Engagement Data Management Study: A Graphic Report
 
2012 State of Nonprofit Data Report
2012 State of Nonprofit Data Report2012 State of Nonprofit Data Report
2012 State of Nonprofit Data Report
 
Smart Technology Investment for Nonprofits
Smart Technology Investment for NonprofitsSmart Technology Investment for Nonprofits
Smart Technology Investment for Nonprofits
 
Social Media for Social Good - NCVS Pre-Con Workshp
Social Media for Social Good - NCVS Pre-Con WorkshpSocial Media for Social Good - NCVS Pre-Con Workshp
Social Media for Social Good - NCVS Pre-Con Workshp
 
Ready, Fire, Aim
Ready, Fire, AimReady, Fire, Aim
Ready, Fire, Aim
 
But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...
But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...
But What Do You Actually Do?: Communicating Your Nonprofit's Work in Ways You...
 
The Story of Stuff: How an Environmental Campaigner to New Media Mogul
The Story of Stuff: How an Environmental Campaigner to New Media MogulThe Story of Stuff: How an Environmental Campaigner to New Media Mogul
The Story of Stuff: How an Environmental Campaigner to New Media Mogul
 
Better Nonprofit Websites: 52 Tweaks in 52 Weeks
Better Nonprofit Websites: 52 Tweaks in 52 WeeksBetter Nonprofit Websites: 52 Tweaks in 52 Weeks
Better Nonprofit Websites: 52 Tweaks in 52 Weeks
 
Practical Problem Solving Using Mobile Technology
Practical Problem Solving Using Mobile TechnologyPractical Problem Solving Using Mobile Technology
Practical Problem Solving Using Mobile Technology
 
Zen and Art of Workflow Development
Zen and Art of Workflow DevelopmentZen and Art of Workflow Development
Zen and Art of Workflow Development
 
12 nt cviz
12 nt cviz12 nt cviz
12 nt cviz
 
Tips and Tools for Technology Planning
Tips and Tools for Technology PlanningTips and Tools for Technology Planning
Tips and Tools for Technology Planning
 
Technology Governance: Smart, Sexy and Simple in Seven Steps
Technology Governance: Smart, Sexy and Simple in Seven StepsTechnology Governance: Smart, Sexy and Simple in Seven Steps
Technology Governance: Smart, Sexy and Simple in Seven Steps
 
Social Network Fundraising: Facts, Myths, and Strategies that Work
Social Network Fundraising: Facts, Myths, and Strategies that WorkSocial Network Fundraising: Facts, Myths, and Strategies that Work
Social Network Fundraising: Facts, Myths, and Strategies that Work
 
Maturing Your Organization's Social Culture... by Creating a Policy?
Maturing Your Organization's Social Culture... by Creating a Policy?Maturing Your Organization's Social Culture... by Creating a Policy?
Maturing Your Organization's Social Culture... by Creating a Policy?
 

Recently uploaded

PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationAnamaria Contreras
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadAyesha Khan
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024Matteo Carbone
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfrichard876048
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxMarkAnthonyAurellano
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesKeppelCorporation
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?Olivia Kresic
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncrdollysharma2066
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Seta Wicaksana
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 

Recently uploaded (20)

PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024IoT Insurance Observatory: summary 2024
IoT Insurance Observatory: summary 2024
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation Slides
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 

Managing Risk in IT

  • 1. Managing Risk in IT #12NTCRISK Richard D. Wollenberger Jay L. Seagren Managing Risk in IT Slide 1
  • 2. Evaluate This Session! Each entry is a chance to win an NTEN engraved iPad! or Online using <#NTC12RISK> at www.nten.org/ntc/eval Managing Risk in IT Slide 2
  • 3. Managing IT Risk in a small- medium sized organization Managing Risk in IT Slide 3
  • 4. Managing Risk in IT • Introductions • What is risk management? • Budgets • Integration with business needs • Managing Staff • Managing the computing environment Managing Risk in IT Slide 4
  • 5. Who are we? Richard Wollenberger Director of Information Technology Parents as Teachers national office richard.wollenberger@parentsasteachers.org Jay Seagren Senior Manager, Enterprise Systems, The Pew Charitable Trusts jseagren@pewtrusts.org Managing Risk in IT Slide 5
  • 6. Who’s here today • Organization size? • Accidental techie? • # of IT staff? Managing Risk in IT Slide 6
  • 7. IT Resources Managing Risk in IT Slide 7
  • 8. What is Risk Management? • Origins of risks – From the ancient Italian word riscare – The study of risk began during the Renaissance – Daniel Bernoulli – Harry Markowitz Managing Risk in IT Slide 8
  • 9. What does this have to do with IT? • Every decision you make is about managing some kind of risk – Which AV system will protect your staff? – Which backup system will be easy to use (restore from) during an emergency situation? – MS vs. Google? – Voice/data connections – Firewall Managing Risk in IT Slide 9
  • 10. Budgets • Every penny you spend in IT is NOT spent on your mission – Track every expense related to: • Computer hw/sw • Internet connectivity • Telephone & fax • Printing & copying • Training – end user – Tech staff (yes, you need ongoing training) Managing Risk in IT Slide 10
  • 11. Budget Resources • www.itlever.com – (search for budget or budgeting) • IT Management – (http://itmanagerinstitute.com/free-ebook) • Tech Republic – (link in slide show) Managing Risk in IT Slide 11
  • 12. Integration with the business • You have to sit at the table • Strategic planning • You are there to support them • You are there to improve processes and make it easier • You are there to look for cost efficiencies – Hard and soft dollar • Business continuity (disaster planning) Managing Risk in IT Slide 12
  • 13. Sit at the table • Be a partner with the business • Have a Service Level Agreement (SLA) so your “customers” know what to expect Managing Risk in IT Slide 13
  • 14. Strategic planning • Why is this important? – Strategic planning drives the business, and you need to be helping steer. Managing Risk in IT Slide 14
  • 15. Who they gonna call? Managing Risk in IT Slide 15
  • 16. What do you need to do? • Improve business processes • Find hard and soft dollar cost efficiencies Managing Risk in IT Slide 16
  • 17. Staffing • Are you an “Accidental Techie?” • Do you manage other IT staff? Managing Risk in IT Slide 17
  • 18. Managing Risk in IT Slide 18
  • 19. Outsourcing vs. Insourcing Services • Office and Collaboration • Help desk • Constituent Management • Security • Server and Network Managing Risk in IT Slide 19
  • 20. Office and Collaboration • Google Apps (Low Risk) – Free for non-profits <3000 users – Now online and offline (Chrome) – Bonus: Postini spam filter Managing Risk in IT Slide 20
  • 21. Office and Collaboration • Office 365 (Medium Risk) – Requires desktop client – Per seat costs ($6-$27/user/month) – Bonus: SharePoint Managing Risk in IT Slide 21
  • 22. Help Desk • (low risk – it’s free) • (med risk - about $20/seat/month) • (med risk – new version not available yet – check for pricing with Techsoup.org) Managing Risk in IT Slide 22
  • 23. Constituent Management • (low risk) – $200 - $475/month • (medium risk) – 10 licenses free, >10 80% discount – Nonprofit Starter pack (free) Managing Risk in IT Slide 23
  • 24. Security • Virus protection – Symantec ($25/yr) – McAfee ($30/yr) – Microsoft System Essentials • Free for <10 PCs – Microsoft Forefront Endpoint ($20/seat) Managing Risk in IT Slide 24
  • 25. Disaster Planning • This is not good: Managing Risk in IT Slide 25
  • 26. Disaster Planning and Recovery • Disaster Planning – Scope of plan • Room, building, city, region • Disaster Recovery – Online backup and recovery – Pricing terms – Amazon Web Services • (http://media.amazonwebservices.com/AWS _Pricing_Overview.pdf) Managing Risk in IT Slide 26
  • 27. Server and Network • Specs – What you want vs. what you need • Tools – Is the cloud right for your organization? • Processes • Procedures • Change management • Regulation and law compliance Managing Risk in IT Slide 27
  • 28. Server and Network – cont. • Duplicate and mirrored services • 2 separate data centers • Different geographic and power grid zones • Carbon copying between the two • 3rd Party DNS can route to different data centers upon failure Managing Risk in IT Slide 28
  • 29. 3rd Party Providers Managing Risk in IT Slide 29
  • 30. 3rd Party Providers • Financial pressure and offsite delivery model drive the need • Risk Management starts with Sourcing, continues with Contracting and finally Vendor Management • Extend your in-house staff seamlessly if managed well Managing Risk in IT Slide 30
  • 31. 3rd Party Providers – cont. • Growing number of delivery models, specialized services and budget pressure are driving more reliance on 3rd party service providers • 25% of IT budgets are now going to 3rd party providers • Over 50% of IT managers surveyed will increase their budget on SAAS providers. Managing Risk in IT Slide 31
  • 32. 3rd Party Providers – cont. • Areas of Risk and Mitigation: – Data Security – Stability of provider and their service – Your brand and reputation – Legal and Professional liability Managing Risk in IT Slide 32
  • 33. 3rd Party Providers – cont. • Data Security • Privacy policies in contract • Vendor audit • Internal training on Data Security awareness • Sensitive information (e.g. High Wealth Donors) may warrant DLP Managing Risk in IT Slide 33
  • 34. 3rd Party Providers – cont. • Stability of provider • Basic Balance sheet and Cash Flow analysis • Bankruptcy, M and A • Stability of service • Service Levels objectives in contract • Incentives and discounts/refunds • Vendor Scorecards Managing Risk in IT Slide 34
  • 35. 3rd Party Providers – cont. Managing Risk in IT Slide 35
  • 36. 3rd Party Providers – cont. • Brand reputation • Brand usage built in to contracts • On site risk assessment • Deliverable reviews Managing Risk in IT Slide 36
  • 37. 3rd Party Providers – cont. • Legal and Professional liability • Business Continuity plan review • Standardized best practices • Standard Legal Terms and Conditions Managing Risk in IT Slide 37
  • 38. Managing Risk in IT Conclusion • Be partner with business • Make risk management strategic • Evaluate outsourced and cloud offerings • Follow Best Practices • Use Best of Breed • Utilize 3rd party providers wisely Managing Risk in IT Slide 38
  • 39. Managing IT Risk in a small- medium sized organization Managing Risk in IT Slide 39
  • 40. Evaluate This Session! Each entry is a chance to win an NTEN engraved iPad! or Online using <#NTC12RISK> at www.nten.org/ntc/eval Managing Risk in IT Slide 40