GRC Transformation: Supporting New Age Digital Organizations
Ahmed Qurram Baig, Founder - CISO COUNCIL & CISOCONNECT
Digital Transformation Challenges
Digital transformation is not just an enabler; it is also a key differentiator and competitive advantage.
Business Challenges
• Lack of cross-organizational collaboration is a leading obstacle to forecasting critical business risks.
• Need for an integrated view of strategic, operational and IT risk management processes and data
• Managed and reported in silos as individual functions, inhibiting collaboration and understanding of risks at the enterprise level
• Many organizations employ a "technology-first" mindset when trying to solve their most pressing risk management challenges, leading to a highly fragmented risk management technology architecture
Key Security Challenges
• Technology complexity
• Time constraints
• Cyber workforce: stressed and lacking talent*
• Sophisticated and innovative adversaries
• Hype and false sense of security
• Global regulations
• DevOps
• Lack of automation and repetitive tasks
• Lack of visibility
* Organizations can take is to document and formalize all cyber security processes (41 percent) - Second annual global study from ESG and ISSA
GRC Challenges
• Delayed and siloed reporting of risks, controls and other areas
• Extensive use of shared folders and spreadsheets
• Enterprise risk categorization and scale not unified
• Inconsistent or duplicative assurance activities performed as uncoordinated testing of controls and compliance monitoring
• Mix of older software and unsupported software used by GRC functions
• Difficulty in readily locating compliance information required by audit or regulators
Source: https://assets.kpmg/content/dam/kpmg/us/pdf/2017/06/kpmg-metricstream-guiding-your-grc-transformation-journey.pdf
GRC Myths
• All GRC solutions are the same
• We can have a GRC solution without technology
• We aren’t prepared for a GRC solution
• First, we need to clean house. Then we’ll think about GRC
GRC Expectations
• Continuous controls monitoring
• Loss and fraud prevention
• Enterprise risk and audit management
• Cybersecurity
AI, Really?
• Human replacement or human-machine partnership (augmentation)
GRC Way Forward Towards Integrated Risk Management
• Analytics (e.g. predictive)
• Simulation and calibration
• Agile GRC on all devices
• Real-time and on-demand reporting
• AI & ML in GRC
• Blockchain
Thank You
Questions? Email: email@example.com