GRC Business Unit Presentation to Partners
Avi Rose – Sales and Strategy
February 2012
Agenda
1. Background
2. easy2comply – Present and Future
3. The Business Cases
4. Product Demo
Extending 3D Security
Following the Corporate Scandals
• GRC burden is constantly growing due to complex regulations and standards and increased enforcement
[Figure: cloud of regulation and standard names, including ISO 27001, ISO 31000, PCI 2.0, SOX, HIPAA, BASEL 2, SOLVENCY 2, COBIT, COSO and NIST 800-series publications]
GRC Management Challenges
• Managing Each Regulation in Silos
• Complicated: Dozens of Regulations
• Time Consuming: Thousands of Control Tests
• Costly: Millions of $
GRC Management Objectives
• Building Processes, Hiring People and Deploying Technology in order to: Manage Risk Exposure & Comply with Regulations while Reducing Operational Burden
[Diagram labels: Governance, Risk, Compliance]
Easy2comply Product Line
• Proactive GRC Management
• Compliance: Policy and Regulatory Compliance
• Risk: Asset and IT Risk Management
• Audit: Internal and External Audit Management
easy2comply Current Offering
• Eliminates Spreadsheet Chaos
• Lowers Costs of Risk and Compliance Management
• Improves Analytics and Decision Making Process
Easy2comply Workflow
• Mapping: Map business processes, business objectives, and regulatory requirements
• Risk Assessment: Assess the risks associated with business objectives
• Control Testing: Document and test the controls that need to be in place in order to mitigate the risks
• Reporting: View your risk and compliance status
Mapping
• Regulation Mapping
• Policy Mapping
Reporting
• Policy Compliance Status
[Chart categories: Business Requirement for Access Control; User Access Mgmt.; User Responsibilities; Network Access Control; Operating System Access Control; Application Information Access Control; Mobile Computing and Teleworking]
easy2comply Future Offering
• From Manual to Automatic Control Testing
Compliance Management Workflow
• Define: Define Regulations and Standards You Wish to Comply With
• Assess: Automatically Assess Your Policy and Regulation Status
• Manage: Manage Your Compliance Process
Sample Automatic Control
Regulation: ISO 27001
• easy2comply Platform – Requirement description
• Check Point Correlation: Application Control blade
Sample Automatic Control
Regulation: PCI DSS 2.0
• easy2comply Platform – Requirement description
• Check Point Correlation: FW Blade
• Check that “Drop out of State” TCP packets is enabled on all gateways
Who Are We Selling To
Objectives:
• CRO (Risk): Continuously Monitor Risks
• CFO (Finance): Get Visibility of High Risk Area
• CCO (Compliance): Implement Effective Controls
• CIO: Manage Compliance without hurting Operational Performance
• CISO: Move from Manual to Automated Controls
Case Study – Resell easy2comply
The Situation:
• International manufacturing company with 60 regional centres
• Controls documented by each centre on spreadsheets
• Data aggregated by region, by group
Case Study - The Challenge
1. Time consuming to collate information
2. Follow up of actions rarely done
3. Data returned was inconsistent, hard to compare
Case Study - The Solution
1. Central implementation of easy2comply, accessed by all regions
2. Standardized templates of data, ensuring consistency
3. Automated workflow and email alerts
Case Study - The Benefits
1. No time wasted collating information
2. Immediate reporting
3. Efficient process, increasing regional participation
Partner Opportunities:
• Resell: Resell easy2comply products
• Audit Service: Include easy2comply as a service to your customers
• Managed Service: Offer as part of security managed services*
Easy2comply Delivery
• On Demand: Hosted in a secure hosting center
• On Site: Installed in customer’s premises
Thank You !!! avirose@checkpoint.com +972-3-542-8120