Navigable Slide Index
- Introduction
- Agenda
- Key takeaways
- Importance of risk management in organizations
- IT risk relationship with enterprise risk
- Risk management = results
- Risk - threat or opportunity?
- Generating value in the enterprise
- Risk management in government
- Governing principles for risk
- Governing value in the enterprise
- Governance and ERM
- Governance of key enterprise assets
- How can IT support governance
- Key IT risk indicators
- Enterprise goals & IT/IS contribution
- Compliance
- Guiding principles and strategic directives
- Conformance, performance, assurance
- How compliance works
- Material impact considerations for assurance
- Ongoing compliance
- Government approach to critical infrastructure
- Critical infrastructure
- RMF and cybersecurity
- Framework and standards
- Scaling down
- IT security alignment with IT governance
Topics Covered
- Enterprise risk management
- IT related risk
- Government and risk management
- Risk governance frameworks
- How IT can support corporate governance
- Compliance
- Demonstrating adherence to laws, regulations, policies and procedures
- Critical infrastructure and cybersecurity
- Metrics for performance and conformance
Talk Citation
Barthel, A. (2019, January 2). Governance, risk and compliance [Video file]. In The Business & Management Collection, Henry Stewart Talks. Retrieved November 18, 2024, from https://doi.org/10.69645/SDXA8469.
Transcript
0:00
Hi, my name is Amalia Barthel.
I'm a privacy and GRC consultant and advisor,
and I interact with multinational organizations in most industry sectors.
In addition, I speak at conferences and I have also
authored and taught courses on topics relevant to governance,
risk, compliance, privacy and audit at the University of Toronto in Canada.
I'm here today for one of the sessions part of practical cybersecurity series.
My talk is titled,
"Governance, Risk and Compliance".
This session has direct applicability from large
to small organizations in the areas of IT and IT security.
0:40
Today's agenda will focus on four points.
Number one, the importance of risk management for organizations of all sizes.
Two, governing value in the enterprise.
Three, compliance and GRC, a balancing act.
Four, government's approach to
critical infrastructure protection and how this
scales down to small and medium enterprises.
1:02
The key takeaways today are practical tips to scale to GRC,
for small and medium organizations,
understanding the GRC triangle,
the critical role of compliance in service assurance and integrity,
and thinking big picture: governments' strategies to critical infrastructure protection.
So, let's start.
1:28
Let's start by pointing out that in trying
to position IT risk management in the overall enterprise risk forum,
we need to recognize that IT risk is pervasive in the enterprise.
Each risk area in the organization is inextricably linked to IT systems,
and is supported or serviced by the IT function.
Risk is introduced through IT systems,
but it also means that IT risk management is very
important for the organizations because it touches every area in the business.