Today many argue that managing and prioritizing spending and security programs based on risk is the only way that makes sense.

A realistic and well-executed IT GRC program pays big dividends in reduced costs, reduced risk, consistent compliance, increased business and even better morale. A recently released annual report of the IT Policy Compliance Group found that companies with the most mature IT GRC practices performed, on average, 13% to 17% higher in customer satisfaction, customer retention, revenue, profit and reduced expenses than those with the least mature practices.

This seminar explains how to build a risk-based approach in your organization where you engage the proper business areas to ensure appropriate governance. Our experts review a variety of technology solutions designed to help you achieve your goal and learn from the mistakes of those who have gone before you.   


Session 1:  Creating Successful Information Security Governance

More than ever, information security in financial services requires a thorough combination of governance elements, including policies, procedures, technology and, most importantly, training and awareness. In this session, Eric Holmquist explores the key elements of sound information security governance and how to successfully manage and coordinate all of these complex and important elements. Topics include:

  • Designing an effective governance structure
  • Managing more than just regulatory compliance
  • Creating effective control and monitoring elements

Session 2:  Leveraging Technologies to Help with GRC Mandates 

While much of GRC is integrating processes and metrics to understand risks and manage enterprise performance, technology can play an important role in making governance, risk management and compliance more efficient and effective. In this session, you discover new technologies that can help, as well as existing technologies that can be leveraged to serve these new GRC mandates, including:

  • Risk and compliance software
  • Two-factor authentication
  • SIEMs
  • Endpoint security

Session 3:  Lessons Learned from Societe Generale


The events at Societe Generale that led to an unprecedented $7 billion loss have been labeled as a failure of IT, process controls, management oversight and even management's crippling of the control program. In this session, Keith White examines and analyzes the published facts, taking into consideration principles of effective governance structures, compliance expectations, and control and monitoring strategies, all of which are critical to an effective information security program. Here is a sneak peek at some of the questions that will be considered:

  • What contextual elements may have contributed to the events leading up to the Societe Generale losses?
  • What is authorization "creep" and how does it occur?
  • How does collusion, or its absence, increase or decrease the IS aspects of a risk scenario?

Session 4: Key Takeaways on Establishing an Effective GRC Model


The seminar concludes with best practices and lessons learned from Eric Holmquist, a practitioner who has built a successful GRC policy for his organization. Holmquist will also participate in a Q&A session: your chance to get answers to your security questions.


Register online or call Annabelle Bozin at 508-621-5530 to reserve your seat today.



Win a Digital Camera and a GPS Navigation System

Along with receiving expert advice, free breakfast and lunch, all related seminar materials and a complete PowerPoint presentation with all our speakers' notes and slides, you'll also have the chance to return home with a Digital Camera and a GPS navigation system when you attend!




Keynote Speakers

Eric Holmquist, VP, Director of Operational Risk, Advanta Bank

Keith White, VP of Information Technology Risk, Credit Suisse


Date & Locations

Check back for new dates and locations

Agenda

8:00 am
Registration and Continental Breakfast

8:45 am
Welcome and Introductions

9:00 am
Session 1: Creating Successful Information Security Governance

10:15 am
Peer Networking / Refreshment Break

10:55 am
Session 2: Leveraging Technologies to Help with GRC Mandates

11:40 am
Technology in Action / Prize Giveaway

12:10 pm
Lunch and Exhibits Open

1:25 pm
Session 3: Lessons Learned from Societe Generale

2:55 pm
Peer Networking / Refreshment Break

3:15 pm
Session 4: Key Takeaways on Establishing an Effective GRC Model

3:35 pm
Technology in Action / Prize Giveaway

4:05 pm
Seminar Adjourns