2019 March (All Day) Training Session
When: March 20, 2019 - 8:00 AM - 4:00 PM EST
Where: RTC HQ
Registration: Website
Cost:
ISACA-RTC Members - $75
Affiliated Organizations (IIA, ISSA, Other ISACA Chapters) - $100
All Others: $125
CPEs: Up to 8
Handouts: Will be uploaded when available
Adopting GRC program for digital transformation using COBIT 2019
The primary purpose of using a Governance, Risk and Compliance (GRC) system is to deliver value to stakeholders. Implementing GRC can yield benefits realization, risk optimization and resource optimization as well as assist in the proper alignment with compliance requirements based on risk.
In today’s high-velocity, compliance-heavy environments, digital transformation is key, and while business goals should be at the center of any digital transformation effort, these initiatives will require new I&T investments. Adopting advanced technologies such as big data, analytics, cloud computing, APIs, artificial intelligence (AI) and the internet of things (IoT) can be an enabler or a distractor, but all carry risk. A proven GRC framework therefore helps identify the steps needed to deliver value and to balance performance and conformance effectively.
There are multiple frameworks, models and standards to choose from. A challenge for most organizations is simply understanding what all of these are, and which ones are applicable or appropriate for them. In this insightful workshop on adopting a meaningful GRC system, we will explore the many models that are available today: what they are, how they fit, why choose them, and most importantly, how to create an overall GRC system in your organization that can govern and manage a digital transformation initiative.
Objectives:
- Understand what it means to be digital, and recognize the benefits and risks of these technologies.
- Recognize the various frameworks in the GRC ecosystem and how they can be collectively used to align with enterprise needs in a digital transformation effort.
- Learn tools and techniques for developing a body of assurance measures (control objectives) to ensure the proper deployment of a GRC system for the various digital technologies and deployment techniques.
Agenda:
- Introduction
- Digital Transformation
  - Description
  - Trends and technologies
    - Trends (Agile, DevOps, outsourcing/3rd parties)
    - Compliance (privacy, cybersecurity, global standards)
    - Technologies (big data, analytics, cloud computing, APIs, artificial intelligence, internet of things)
  - The need for GRC in digital transformation
- GRC Frameworks
  - GRC description and purpose
  - The GRC ecosystem
  - Applicable frameworks, standards and bodies of knowledge
  - The GRC domains: Strategic Alignment, Benefits Realization, Risk Optimization, Resource Optimization, Performance Measurement
- COBIT 2019 Primer
  - Background on COBIT
  - Principles, components, governance/management objectives
- How COBIT 2019 addresses digital transformation
  - Design factors and focus areas
  - Designing a tailored governance system for digital transformation
  - Providing assurance in digital transformation
- Applying GRC
  - Understanding risk
  - Key risks and suggested treatments/responses
  - Balancing performance and conformance (risk vs. reward)
- Putting it all together – a case study in digital transformation and GRC
- Closing and questions
Speaker: Mark Thomas, CGEIT, CRISC, IT GRC and digital transformation expert
For more information and to register for the training session, please visit the ISACA RTC website.