100 likes | 287 Views
CEO REPORT. Thomas F. Schrader ERCOT Board of Directors December 14, 2004. Fee Settlement Audit Response Action Plan Security Work Plan Chander Ahuja, Director of Security. CEO Report. Challenge Effective use of resources Aggressive effort Cost savings Activities & projects
E N D
CEO REPORT Thomas F. Schrader ERCOT Board of Directors December 14, 2004
Fee Settlement Audit Response Action Plan Security Work Plan Chander Ahuja, Director of Security CEO Report
Challenge Effective use of resources Aggressive effort Cost savings Activities & projects Documentation & Justification Fee Settlement
Mgmt. Planning & Practices Fee Settlement Management Action Plan (MAP) Audits Roadmaps Management Action Plan Audit Response Management Activities Internal Control Environment Specific Projects Process Redesign • Mission/vision/goals • Org. structure • Budget -- review of activities/expenses • Cost tracking • Risk assessment • Mgmt. reporting • Internal control mgmt. program • Cultural change • Roles & responsibilities • Internal Audit • Fixed asset inventory • Lawson • Policies & procedures • Security initiatives • HR projects • Fixed asset management • Contracting & procurement • Hiring • Other TBD
Provides comprehensive and consistent method to track all recommendations Improves accountability for management’s action plans Helps ensure completion dates are met Audit Tracking System
Security Work Plan 2005 Chander M. Ahuja Director of Security
Crown Jewels People, Information, Physical assets Responsibility Security is a part of every job at ERCOT Security lifecycle Requirements, Communicate, Integrate, Measure, Report Remediation process features High risk first, Business ownership for execution, Verify 2005 Goals Accountability Establish comprehensive, integrated ERCOT Security Practice Remediation with a concentrated effort Strategic Security Vision
Audits 2005 Security Plan Best Security Practices EY Roadmap ERCOT 2005 Security Plan Tasks to address Audit findings (Responses) Tasks to Establish strong practices (Practices) Tasks to close large gaps (Projects) Establish practices Remediation GOAL: Accountability
Asset Classification Initiative Secure Information Initiative Access Control Initiative Physical Security initiative Security Vision initiative Strategic Initiatives