Training.

Why?

Knowledge is the cornerstone of success. Yet in the field of Risk and Compliance, knowledge is hard to achieve because it has long been over complicated by the industry experts with their own special language.

How?

Our training programs distill Risk and Compliance down to digestible language and simple actionable concepts, that will put your people in control. We provide your people with the most current and relevant training materials, to ensure your Risk and Compliance program’s success and longevity.

What?

Our training covers the core knowledge and skills required to successfully maintain a healthy Risk and Compliance program, as well as the know-how to provide valuable, ongoing insight to the business.

Training courses include:

• Governance Risk & Compliance Distilled (1 Day)
  • Introduction to Performance Based Controls Design
  • Introduction to Risk Management
  • Leveraging your Service Management platform to manage compliance
  • Getting to real-time compliance reporting
• Addressing Security & Data Privacy Requirements of your Client (1/2 Day)
  • Discovering hidden client requirements
  • Understanding your contractual obligations
  • The benefits of defining your controls framework
  • How to reduce the cost of client related compliance activities
  • How to use your controls framework to close new business
  • Getting started with a client contract transformation
• Getting Started with Effective Risk-based Decision Making (1/2 Day)
  • Introduction to Risk Management
  • How to determine your risk profile
  • Making Risk Assessments a repeatable process
  • Getting to real-time risk reporting
  • Translating IT risk into business risks
  • Prioritizing risks in terms of business impact
  • Creating data sets and reporting to meet business demands, improve decision making, and create business value
• Emerging Trends in Governance Risk & Compliance: Building a Scalable and Sustainable GRC Program (2-day Seminar)

Audience:
SVP’s, VP’s, Directors and Senior Managers from cross-industry organizations with responsibilities in: IT Audit, Integrated Audit, Internal Audit, IT Security, Certified Information System Auditors, Chief Information Security Officers, Compliance, Internal Controls

Benefits:

• Leverage emerging technologies to meet IT Governance, Risk, and Compliance objectives
• Estimate the scope, cost, and commitment of an enterprise IT GRC Program
• Successfully implement industry frameworks such as COBIT, ISO 27002, NIST, and ITIL, to meet critical business objectives
• Establish IT and data standards as the backbone for enterprise governance
• Manage business risk related to the adoption of emerging technologies (Cloud, SaaS, IaaS, etc).
• Utilize existing IT systems to build sustainable compliance models for regulatory requirements, such as SOX, FFIEC, PCI, FISMA, GLBA, HIPAA, HITECH, CMS, NERC, NIST
• Architect IT systems for real-time risk reporting
• Integrate GRC and IT Service Management/Operations to improve IT performance
• Learn to manage your auditors, your audits, and your controls
• Build a business-focused IT risk management program
• Create an effective, scalable Governance, Risk, and Compliance Strategy

Through interactive discussions and activities, presentations, case study evaluations and documentation, key areas to be covered include:

Leveraging technologies for IT Governance, Risk, and Compliance

• What’s out there – Weeding through the vast array GRC tool choices and determining what’s best for your enterprise.
• Cutting through the GRC hype – What are technologies really delivering and how does that measure up to your business needs?
• Keys to success for any GRC tool deployment
• Discovering the benefits of integrating GRC and IT Service Management/Operations
  • Rethinking Controls
• Performance-based controls design – Using controls to improve operational efficiency
• How to identify the right controls for your business
• Creating efficiencies through the rationalization and consolidation of your core controls framework
• Getting in the Driver Seat with IT Audits

Rethinking Risk

• Building an effective Risk Management Program
• Addressing your clients’ security and privacy requirements
• Managing controls associated with 3rd Party Providers
• Managing Risk with Technology Adoption (strategy, checklist)

GRC Strategic Planning

• Bringing together the right people, process, and technology around GRC to deliver value back to the business
• Best Practice and tips on implementing best practice frameworks (COBIT, ITIL, ISO, etc)
• Getting to Risk-based reporting – Bringing IT data and business data together for effective risk based decision making
• Creating the right data strategy for an effective GRC program
• Understanding your GRC Maturity
• Creating your GRC Roadmap

• Managing Risk & Compliance with your 3rd Party Service Providers (1/2 Day)