Automating Policy Compliance and IT Governance

Jason Creech, Director of Strategic Alliances Automating Policy Compliance And IT Governance

IT GRC ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Basic IT GRC Definitions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],C O N F I D E N T I A L C O M P A N Y C O N F I D E N T I A L

Why Do We Need IT GRC ,[object Object],[object Object],[object Object],[object Object],[object Object]

Challenges? ,[object Object],[object Object],[object Object],[object Object]

Regulatory Landscape ,[object Object],[object Object],[object Object],FDA 21 CFR Part 11 (Pharma) HIPAA Security Rule EU Data Protection Directive GLBA 1990s PIPEDA (Canada) FDCC/SCAP NIST SP 800-53 PCI Data Security Standard EC Data Privacy Directive BS 7799 / ISO 17799 / 27001 / 27002 FISMA 2002 Basel II Accord Sarbanes-Oxley NERC California SB 1386 Privacy 2000 and beyond FFIEC IT Exam Handbook ITIL v3

Meet Compliance Stakeholder Needs ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Bridging Departmental Gaps Simple Compliance Framework Procedures and Guidelines Detail Knowledge and Expertise Framework Level Detailed Technical BU Managers/Audit Compliance Security Operations Policies, Standards, Business Requirements Controls (Manual/Auto) Procedures and Guidelines Enforcement Regulations Frameworks Standards SOX HIPAA GLBA CobIT COSO ISO17799 PCI NIST NERC “ Example: Vulnerable Processes must be eliminated..” CID 1130 The telnet daemon shall be disabled AIX 5.x Technology Telnet streams are transmitted in clear text, including usernames and passwords. The entire session is susceptible to interception by Threat Agents.

QualysGuard Simplifies and Automates ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Benefits ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

How does QualysGuard PC Work? ,[object Object]

Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Security and Regulatory Compliance Convergence in one single application delivered as SaaS

Automating Policy Compliance and IT Governance

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Automating Policy Compliance and IT Governance

Similar to Automating Policy Compliance and IT Governance (20)

More from Sasha Nunke

More from Sasha Nunke (8)

Recently uploaded

Recently uploaded (20)

Automating Policy Compliance and IT Governance