Building ITGRC Ecosystems into the Enterprise

Practical Approaches, Concepts, and Automation Techniques for Managing Information Technology Governance, Risk, and Compliance

by Geno Pandolfi

Building ITGRC Ecosystems into the Enterprise
Pinterest

Building ITGRC Ecosystems into the Enterprise

Practical Approaches, Concepts, and Automation Techniques for Managing Information Technology Governance, Risk, and Compliance

by Geno Pandolfi

Published Jun 26, 2018
335 Pages
Genre: COMPUTERS / Information Technology



 

Book Details

Integrating ITGRC Controls for Risk Awareness and Action

A key challenge for managing Information Technology Governance, Risk, and Compliance (ITGRC) is ensuring that the correct IT controls and functions are implemented in best-practices. “Building ITGRC Ecosystems into the Enterprise”, describes the ITGRC processes and automation approaches that have evolved in the IT industry for managing the risks associated with the introduction of global computer technologies.

The author provides proven controls, processes, and automation models that can allow IT and Risk personnel to develop integrated ITGRC Ecosystems for governing IT compliance and risks across the Enterprise. The book contains descriptions of the major ITGRC control frameworks and automation samples for the capture of key Information Technology performance and risk variables. It provides the major integration focus for key Ecosystem data components, dashboard/reporting concepts, and touch points for Enterprise ITGRC management.

 

Book Excerpt

In Building ITGRC Ecosystems into the Enterprise, the objective is to reinforce for IT and risk management personnel key IT operational controls and practices that are a basis for management of enterprise governance, risk, and compliance of IT services and operations. This book provides an understanding of the basic approaches and methodologies for managing IT governance, compliance, and risk exposure. It can assist in enabling IT operational control and risk management activities for development of processes, measurement of technology, system and control interfaces, policies, and standards. Finally, it provides a review of practical techniques for automating controls through sample technology concepts, and key performance (KPI) and risk management (KRI) indicators, comparative risk trends and leading measurements for ITGRC best-practice management.

While IT executive management still require risk-based decision processes and continued analysis to manage IT controls and risk exposure, it is critical to automate the environments. This is needed to reduce manual data handling and avoid manipulation in ITGRC environments and provide real-time risk assessment and management. It includes automation of hundreds of IT controls where possible and the validation of these controls, while providing real-time messaging from IT Ecosystems. It is a key attribute for efficient management in today’s micro-second transactional and global usage of mobile technologies. Enabling ITGRC management with automated measurements and risk technology controls is vital to effective management of complex technology and the real-time exposure from today’s IT risks to the Enterprise.

 

About the Author

Geno Pandolfi

Geno Pandolfi has forty-years of experience in the Information Technology and Risk Management industries. He was one of the first “C” level Chief Continuity Officers designated in the banking industry and holds an MBA in Management Science from Fordham University, and a BBA in Computer Science from Pace University.

Mr. Pandofi is a Certified Business Continuity Lead Auditor by DRI*, and has architected, designed, and implemented multiple IT systems, operational governance, compliance, and risk management software solutions over the last twenty years. (*Disaster Recovery Institute International). Geno resides in Wolfeboro NH with his wife, Lee.

 

Multi-Media