ComplianceOnline

SOX Compliance and IT Controls: Understanding CobiT/ITIL/ISO17799 Frameworks for Regulatory Compliance

Instructor: Alan Calder
Product ID: 700129
Training Level: Basic to Intermediate
Duration: 60 Min

Recorded Version

$249.00
1x Person - Unlimited viewing for 6 Months
(For multiple locations contact Customer Care)
Recorded Link and Ref. material will be available in My CO Section

Training CD

$500.00
One CD is for usage in one location only.
(For multiple locations contact Customer Care)
CD and Ref. material will be shipped within 15 business days

Customer Care

Fax: +1-650-963-2556

Email: customercare@complianceonline.com

Enterprise risk management and critical success factors in deploying the COBIT/ITIL/ISO17799 joint framework.

Description

SOX-compliant IT controls can be implemented through the adoption of an externally-validated, best-practice approach to information security - one that provides a single, coherent, multi-layered, channel-specific framework that enables simultaneous compliance with multiple regulatory requirements. Multi-layered technology approaches are, therefore, solutions to which organizations are increasingly turning.

Historically, there have been a number of such frameworks to which organizations could turn. The recent emergence of an official, integrated framework containing CobiT, ITIL and ISO 17799 offers business leaders an outstanding opportunity to import coherence into an otherwise sometimes fragmentary operational IT environment.

Areas Covered in the Session:

  • Current and future governance and compliance requirements
  • The role of enterprise risk management
  • Linkages and similarities between state, national and international regulations
  • Why the traditional approach to regulatory compliance no longer works
  • Business risks arising from legal contradictions, overlaps and loopholes
  • Scale and impact on corporate brand, market position and share value of regulatory failure
  • Key governance requirements of directors
  • Role of best practice frameworks
  • Linkage between compliance requirements and best practice frameworks
  • Background and history of CobiT, ITIL and ISO 17799 - similarities and differences
  • Importance of the CobiT/ITIL/ISO17799 joint framework
  • Benefits of deploying this best practice framework
  • Critical success factors in deploying this framework

What will Attendees Learn:

  • They will get a thorough overview of the governance and compliance requirements faced by today’s organizations
  • They will understand current and future regulatory requirements, within a broad governance context
  • They will be able to articulate the risks faced by their organizations and identify appropriate strategies for mitigating those risks
  • They will understand the background to and nature of best practice frameworks
  • They will be able to effectively deploy the new, integrated best-practice framework

Who Will Benefit:

This seminar will benefit

  • Board members
  • Company directors
  • Non-executive directors
  • C-suite officers
  • Senior managers in all disciplines
  • Governance and compliance professionals
  • IT managers
  • Risk managers
  • The staff of those functions

Anyone interested in governance and regulatory compliance, whether as an adviser, manager, employee or individual subject to its requirements, will get value from this seminar.

Instructor Profile:

Alan Calder is an international authority on IT governance and information security management. He is the author of IT Governance: Guidelines for Directors, and IT Governance Today: a Practitioner’s Handbook. He is the founder director of IT Governance Ltd (www.itgovernance.co.uk), and has consulted with a wide range of companies (including Cisco) on how to deploy best-practice frameworks to improve regulatory compliance and reduce compliance-related cost and risk profiles.

He led the world’s first successful implementation of BS 7799, the information security management standard upon which ISO 27001 is based, and wrote the definitive compliance guide for this standard, IT Governance: A Manager’s Guide to Data Security and BS7799/ISO17799. The 3rd edition of this book is the basis for the UK Open University’s postgraduate course on Information Security.

He regularly blogs on IT governance and information security issues at http://alancalder.blogspot.com.

Topic Background:

Organizations have traditionally responded to regulatory compliance requirements on a law-by-law, or department-by-department basis. That was, last century, a perfectly adequate response. There were relatively few laws, compliance requirements were generally firmly established and well-understood, and the jurisdictions within which businesses operated were well-defined.

Over the last decade, all that has changed. Rapid globalisation, increasingly pervasive information technology, the evolving business risk and threat environment, and today’s governance expectations have, between them, created a fast-growing and complex body of laws and regulations - such as HIPAA, SOX, GLBA, EU Privacy and Data Protection Directives, and Turnbull - that impact the organization’s IT systems. While global companies are at the forefront of finding effective compliance solutions, every organization, however small, in whatever industry, and anywhere in the world, is challenged by the same broad range of state, federal, national and international regulatory requirements.

These regulatory requirements focus on the confidentiality, integrity and availability of electronically-held information, and primarily - but not exclusively - on personal data. Many of the new laws - such as SB 1386, OPPA, the EU Safe Harbor regulations, EU Directives, Basel 2, etc. - appear to overlap; not only is there very little established legal guidance as to what constitutes compliance, but new laws and regulatory requirements continue to emerge. Increasingly, these laws have a geographic reach that extends to organizations based and operating outside the apparent jurisdiction of the legislative or regulatory body.

In the face of new, blended, complex and evolving threats to their data, organizations have business and regulatory obligations to protect, maintain and make data available when it is required. They have to do this in an uncertain compliance environment where the rewards for success don’t grab headlines, but the penalties for failure do.

Fines, reputation and brand damage and, in some circumstances, jail time for directors are outcomes that every business wants to avoid. And organizations want to do more than simply avoid these risks; they want to reduce the cost and disruption of multiple compliance initiatives, and they want to minimise the impact on customer-focused business operations. Some organizations want to go further than this, and look to get positive business returns from their investment in closing information loopholes and improving the security of their information systems.

