Recorded: October 12 | 2011
Today, enterprises around the globe operate IT processes covering areas such as security, availability, infrastructure and IT project management. These processes support the core business processes that organizations use to operate successfully.
However, the management of risk and compliance around IT processes, or IT GRC, remains quite distinct and separate from the risk and compliance issues related to business processes. Most organizations manage their IT GRC separately from their enterprise GRC efforts. As a result, they face increased costs and labor efforts from having uncoordinated GRC initiatives. More importantly, they may not be appropriately managing the key IT risks and controls that could cause significant business impact. Critical business decisions cannot be made effectively when IT GRC efforts are not integrated with business GRC initiatives as CIOs must be able to explain IT risks in terms of business performance.
Join us for this roundtable discussion where you will learn how to:
- Remove the silos of GRC Management and define your Risk Measurement Process.
- Automate and standardize GRC activities with pre-defined workflow and reporting.
- Protect business value through continuous monitoring of both IT and business controls.
- Gain competitive advantage by managing risk across their IT and business processes.
- Integrate your business and IT GRC aligning GRC Technology with your GRC Program.
Moderator: Kelley Vick Panelists: Chris McCLean; Jean-Marie Zirano; Anindo Banerjea.
Brandon Dunlap is the Managing Director of research at Brightfly. He has more than 15 years of experience managing business technology risk in large and small organizations. He has served in a variety of roles across heavily regulated industries, successfully leading all aspects of IT security programs, including policy and procedure management, oversight and control, strategy, architecture, development, and training. Currently, he is the Managing Director of Research of Brightfly, an independent, advisory and research firm that focuses on building a collaborative IT practitioner communities and bridging the gaps within information technology, security, risk, compliance, and audit disciplines.
Chris McClean contributes to Forrester's offerings for the Security & Risk professional, leading the company's coverage of governance, risk, and compliance (GRC). He is also a thought leader on the related issues of corporate social responsibility (CSR) and sustainability. He is a frequent speaker on these subjects at vendor events as well as conferences run by industry organizations such as the Risk Management Association. He has also been interviewed by top media outlets such as CFO Magazine, Compliance Week, CRO Magazine, and Treasury & Risk Magazine. Chris serves Forrester clients with research on GRC and CSR strategy, organization, best practices, and technologies, and he is a frequent speaker on these subjects at industry and vendor events. Before coming to Forrester, his background was in marketing for security and risk management vendors, representing a broad range of market segments, such as compliance management, vulnerability management, digital forensics, and security information management.
Jean-Marie Zirano defines and manages MEGA's product strategy. Jean-Marie started his career as a MIS consultant with Andersen Consulting, working for retail, manufacturing and utilities companies. Jean-Marie then joined CGI (now IBM), Platinum Technology and Computer Associates in product line management positions. At MEGA since 2000, Jean-Marie helped boost the company's international growth. As VP – Business Development, he extended the reach of MEGA worldwide. Appointed VP – Product Management, he strengthened and extended MEGA's solutions from enterprise architecture to enterprise-wide GRC initiatives. In his current VP – Product Strategy role, Jean-Marie works closely with global companies willing to improve operational excellence, to provide them with holistic solutions covering enterprise architecture, risk management, governance and compliance programs.
Anindo Banerjea is the Vice President of Engineering at MetricStream. As VP Engineering at MetricStream, Dr. Anindo Banerjea is responsible for the development of MetricStream's suite of Governance, Risk and Compliance applications, as well as the tools for rapid application development. Prior to that he was CTO at TBDNetworks, specializing in network technology, virtualization and data center automation. Previously he was Research Professor at the Information Sciences Institute (ISI) at the University of Southern California and an Assistant Professor of Computer Science at the University of Toronto, where he conducted research and taught undergraduate and graduate level courses on networking and information technology. He received a Ph. D. in Computer Science from Berkeley and a B.Sc. from IIT, Delhi.