GRC Transformation: Supporting New Age Digital Organizations

Presentation Transcript

  1. GRC Transformation: Supporting New Age Digital Organizations
     Ahmed Qurram Baig, Founder - CISO COUNCIL & CISOCONNECT

  2. Digital Transformation Challenges
     Digital Transformation is not just an enabler, it’s also a key differentiator and competitive advantage

  3. Business Challenges
     • Lack of cross-organizational collaboration is a leading obstacle for forecasting critical business risks.
     • Need an integrated view of strategic, operational and IT risk management processes and data
     • Managed & reported in silos as individual functions, inhibiting collaboration and understanding of risks at enterprise level
     • Many organizations employ a "technology-first" mindset when trying to solve their most pressing risk management challenges, leading to highly fragmented risk management technology architecture

  4. Key Security Challenges
     • Technology Complexity
     • Time Constraints
     • Cyber workforce: Stressed & lack of talent*
     • Sophisticated & innovative adversaries
     • Hype and False sense of security
     • Global Regulations
     • DevOps
     • Lack of automation and repetitive tasks
     • Lack of visibility
     * Organizations can take is to document and formalize all cyber security processes (41 percent) - Second annual global study from ESG and ISSA

  5. Enterprise Compliance & Risk

  6. GRC Challenges
     • Delayed and siloed reporting of risks, controls and other areas
     • Extensive use of shared folders and spreadsheets
     • Enterprise risk categorization and scale not unified
     • Inconsistent or duplicative assurance activities performed as uncoordinated testing of controls and compliance monitoring
     • Mix of older software and unsupported software by GRC Functions
     • Difficulty in readily locating compliance information required by audit or regulators
     https://assets.kpmg/content/dam/kpmg/us/pdf/2017/06/kpmg-metricstream-guiding-your-grc-transformation-journey.pdf

  7. GRC Myths
     • All GRC solutions are the same
     • We can have a GRC solution without technology
     • We aren’t prepared for a GRC solution
     • First, we need to clean house. Then we’ll think about GRC

  8. GRC Expectations
     • Continuous controls monitoring
     • Loss and fraud prevention
     • Enterprise risk and audit management
     • Cybersecurity

  9. AI Really?
     • Human Replacement or Human Machine Partnership (Augmentation)

  10. AI Applications integration with GRC / IRM

  11. GRC way forward towards Integrated Risk Management
     • Analytics (e.g. Predictive)
     • Simulation and Calibration
     • Agile GRC on all devices
     • Real-time and on-demand reporting
     • AI & ML in GRC
     • Blockchain

  12. Thank You
     Questions? Email: ahmed.baig@cisocouncil.org