Andrej  Volchkov Author of Evaluating Organization Development
FEATURED AUTHOR

Andrej Volchkov

Consultant
Stramizos

Andrej VOLCHKOV is an independent consultant in the field of information security governance and management. He has 30 years of experience as a security program manager and responsible for new technologies and IT change management at Pictet Group, a major financial institution based in Geneva, Switzerland. Andrej is invited speaker at Geneva University School of Economics and Management and acknowledged speaker in some major international conferences.

Biography

Andrej VOLCHKOV is an independent consultant in the field of information security governance and program management. He has 30 years of experience as a security program manager and responsible for new technologies and IT change management at Pictet Group, a major financial institution based in Geneva, Switzerland. Within Pictet he was also in charge of compliance projects in the field of data privacy and data protection. Previously he served as a head of IT security, compliance and internal solutions unit in IT. He was also a project leader, likewise responsible for information technology architectures, introduction of new technologies, methods and standards. Previously he served as research assistant, business analyst and software developer.
Andrej is invited speaker at Geneva University School of Economics and Management in the domain of Security Governance and acknowledged speaker in some major international conferences. He graduated in Mathematics and IT, holds an MBA from Geneva School of Economics and Management and is member of major international IT and Security Associations.

Areas of Research / Professional Expertise

    Information Technologies (IT) Change Management
    Information Security Governance and Management
    Cybersecurity
    Business Development

Personal Interests

    Information Security
    Emerging Technologies
    Teaching
    Business Development

Websites

Books

Featured Title
 Featured Title - Information Security Governance and Management Framework - 1st Edition book cover

Articles

ISACA Journal, Volume 5, 2013

How to Measure Security From a Governance Perspective


Published: Dec 06, 2013 by ISACA Journal, Volume 5, 2013
Authors: Andrej Volchkov
Subjects: Information Technology

Good governance relies on reports or measures that either assess the adequacy of information security, the security program and the return on security investment (ROSI) or the progress toward fixed objectives. Companies need a pragmatic approach for monitoring the effectiveness of security countermeasures to enable them to adjust their program accordingly and decide on investments.

ISACA Journal Author Blog

Security Index


Published: Dec 06, 2013 by ISACA Journal Author Blog
Authors: Andrej Volchkov
Subjects: Information Technology

Regardless of whether we are talking about monitoring the status of security, evaluating its effectiveness or assessing the return on security investment (ROSI) of countermeasures put in place, major concerns must always be the relevance and the quality of the indicators used. Anyone who builds a dashboard needs to ensure not only that it conveys useful information but also that it remains stable over time.

IT Professional Journal, Volume 4, March 2002

Server-Based Computing Opportunities


Published: Mar 02, 2002 by IT Professional Journal, Volume 4, March 2002
Authors: Andrej Volchkov
Subjects: Information Technology

Server-based computing sidesteps thin-client problems by off-loading traditional client-server applications to terminal servers.

IT Professional Journal, IEEE, Volume: 3, 2001

Revisiting single sign-on: a pragmatic approach in a new context


Published: Feb 01, 2001 by IT Professional Journal, IEEE, Volume: 3, 2001
Authors: Andrej Volchkov
Subjects: Information Technology

Single sign-on is a solution that lets users authenticate themselves once and access different applications without reauthentication. Using applications becomes easier, technical-assistance costs go down, and security improves. Many new devices, applications, and authentication methods are on the horizon, and although the general issue remains relatively simple and clearly defined, the solution's integration in an IT environment can become complicated.