Strong Security Governance through Integration and Automation : A Practical Guide to Building an Integrated GRC Framework for Your Organization book cover
SAVE
$15.00
1st Edition

Strong Security Governance through Integration and Automation
A Practical Guide to Building an Integrated GRC Framework for Your Organization



  • Available for pre-order. Item will ship after December 20, 2021
ISBN 9780367862770
December 20, 2021 Forthcoming by Auerbach Publications
240 Pages 61 B/W Illustrations

 
SAVE ~ $15.00
was $75.00
USD $60.00

Prices & shipping based on shipping country


Preview

Book Description

This book provides step by step directions for organizations to adopt a security and compliance related architecture according to mandatory legal provisions and standards prescribed for their industry, as well as the methodology to maintain the compliances. It sets a unique mechanism for monitoring controls and a dashboard to maintain the level of compliances. It aims at integration and automation to reduce the fatigue of frequent compliance audits and build a standard baseline of controls to comply with the applicable standards and regulations to which the organization is subject. It is a perfect reference book for professionals in the field of IT governance, risk management, and compliance. The book also illustrates the concepts with charts, checklists, and flow diagrams to enable management to map controls with compliances.

Table of Contents

1.       Emerging Trends in Technology & its Impact on Business

 

2.       Need for compliance – challenges and roadblocks

 

3.       Adopting an Integrated approach for compliance

 

4.       Compliance Frameworks – possible solutions

 

5.       Adoption of a customized approach to compliance

 

6.       Activities/Phases to perform for achieving integrated compliance (with annexure A)

 

7.       Designing an operating model for risk & compliance aligned with the business model

 

8.       Next Steps – Through Automation

...
View More

Author(s)

Biography

Priti Sikdar, FCA, CISA, CISM, CRISC, ISO 27001 LA, BS 25999 LA, PRINCE 2 (FC) Ms. Sikdar is the author of ‘Practitioner’s Guide to Business Impact Analysis (BIA)’ published by Auerbach publishers in July 2017. Ms Sikdar is in the risk, audit and assurance sector for over 25 years and have performed internal audits, compliance standards rollouts, risk assessments and other similar assignments in the GRC space. She has developed the ISO 27001 standard rollout, the ISO 22301 business continuity implementation, risk assessment as per ISO 31000, and many such compliance related implementation and internal audits. She is a recognized trainer and a keynote speaker at security and resilience conferences. She has worked as Head of Finance for Shipping and Logistics Company. She has been Partner with Ray & Co Chartered Accountants where she performed many bank audits relating to risk based, IS audits and data migration and post-implementation audits. She was also into Sarbanes Oxley Compliance where she was performing ITGC and Revenue modules of SOX. She owned ISA Tutorials where she was teaching Chartered Accountant IT audit, IS systems and how to audit in complex technology environments. Ms. Sikdar has worked with Grant Thornton, as Manager Business Risk Services where she has initiated a BS 25999 rollout, SAS 70 assignments and Enterprise Risk assessments. She was with KPMG London where she was doing IT internal audit for Financial Services sector and also was spearheading a big in-house Technology Global Services Project for 6 divisions of Technology within Risk & Assurance function. Ms. Sikdar has authored two books; ‘Information Systems Audit & Security’ and ‘Management Information Systems for Final C.A.’ published by Lawpoint Publishers India. Besides she has been authoring articles and white papers on IS Audit and Business Continuity Planning as well as speaking in International Conferences and ISACA local chapters. Her articles are carried in Indo-Swiss and Indo-US magazines and she does a lot of online mentoring for students appearing for CISA, CISM examinations. Ms. Sikdar gives online consulting for US and South Africa regions on third party assurance, secure infrastructure building, writing of security policies and rolling out an information systems management system in line with ISO 27001 and ISO 22301 standards. As subject matter expert, she is consulted for complex IT audit and control assignments and she is involved in risk assessments and gap analysis for her clients in India. Akshay Garkel: Akshay is a business leader with more than 18 years of work experience in Technology Risk, and Cybersecurity spanning across various geographies including India, APAC and ME. His areas of expertise range across a relevant blend of Cybersecurity, Technology Risk, IT Risk Advisory, business and practice management. His focus has been working with large Financial Institutes including public and private sector banks, mutual fund houses, large exchanges, insurance companies and capital houses in India. Currently Akshay serves as a Partner in Grant Thornton India LLP His contribution to Cyber eminence activities include writing articles for various publications, giving audio byte interviews and attending events on Risk Management & Cybersecurity in capacity of a panelist or a speaker. Academically he holds a master’s degree in information technology & Security from QUT Brisbane Australia and bachelor’s in computer engineering from Mumbai University