Avoiding Data Loss Prevention (DLP) Pitfalls A Discussion of Lessons Learned. April 2013
|
|
- Molly Riley
- 5 years ago
- Views:
Transcription
1 Avoiding Data Loss Prevention (DLP) Pitfalls A Discussion of Lessons Learned April 2013
2 Speaking With You Today Dan Frank Principal Deloitte & Touche LLP (312) (office) (312) (cell) Charles Keane National Security Architect Symantec (617) DLP Pitfalls A discussion of lessons learned
3 Agenda Deloitte and Symantec Alliance Overview Top 10 DLP Challenges, Root Causes Summary As used in this document, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. 2 DLP Pitfalls A discussion of lessons learned
4 Alliance Overview Global leaders with a demonstrated track-record of achievements and leading practices Leading risk consulting practice Client-specific, pragmatic advisory services Ability to provide strategic and technical responses to core business challenges Leading security software provider Global intelligence network Sophisticated and mature enterprise security tools and technologies Our alliance brings together two of the leading security and privacy software and professional services organizations in the world, helping organizations solve constantly evolving complex security and privacy related business challenges. 3 DLP Pitfalls A discussion of lessons learned
5 # 10 Where do I start? Lack of understanding of current environment, data loss risks, and associated risk mitigation priorities A tendency to boil the ocean when approaching data loss initiatives makes the solution seem overwhelming Perception that DLP is a one time technical project instead of a program Understand your risks first Prioritize your deployment strategy based on riskiest areas (e.g. data types, business units, business functions, end points, repositories) Build a multi-year road-map for your DLP program that focuses on quick wins as well as incremental business value and advanced functionality. 4 DLP Pitfalls A discussion of lessons learned
6 # 9 Understanding the Total Cost of Ownership of a DLP Program Failure to evaluate vendor marketing promises Misunderstanding of infrastructure costs and employee resource requirements Poor planning of level of effort associated with policy creation, workflow/remediation, and testing and tuning Conduct vendor evaluations and proof of concepts against specific business and technical requirements. Trust but verify. Create a high-level solution architecture to assist with estimating infrastructure costs Estimate resource requirements for both initial deployment as well as ongoing operations and maintenance 5 DLP Pitfalls A discussion of lessons learned
7 # 8 Getting Past the Basics Utilizing Advanced Features (*Only 30-40% of Symantec s DLP customers currently use advanced features) Concern with impeding legitimate business processes Lack of understanding of the legitimate/illegitimate business use Un-defined processes for business use case analysis Policies defined based on content vs. contextual analysis Lack of sufficient testing and tuning of policies over time before full scale deployment Lack of workflow and associated roles and responsibilities, SLA s, etc. to help the business recover information efficiently A sound understanding of the business and associated use cases is critical to enabling advanced features Policies should be carefully configured based on business use case analysis and sufficiently tested and tuned prior to being enabled Operational procedures and workflow for recovery of blocked/quarantined/encrypted information much be established to help prevent prolonged business interruption 6 DLP Pitfalls A discussion of lessons learned
8 # 7 Inability to move from data at rest ( DAR ) identification to DAR remediation Policies aren t fully tested and tuned before DAR scans take place No ownership information or other metadata is present in files No formal workflow process in place to interface with end users DAR scans should not be your first priority, baselines should be established over time to develop mature policies Lead DAR scans with Data Insight ( DI ), allow the tool to collect several months of usage patterns to establish ownership information Use information found in DLP and DI scans to establish formal workflow 7 DLP Pitfalls A discussion of lessons learned
9 # 6 Frustration with the speed at which the DLP solution becomes functional Lack of a DLP strategy to provide a clear vision and direction for the solution Poorly defined requirements Big Bang implementation approach Clearly and transparently articulate the DLP program s vision and strategy to stakeholders Well defined requirements along with a phased implementation plan are important Utilize POCs, pilots, and phased implementation approaches 8 DLP Pitfalls A discussion of lessons learned
10 # 5 Deploying DLP Globally Global privacy laws and labor unions can present varying, sometimes conflicting requirements which can restrict DLP monitoring Complaints as a result of DLP monitoring from end users arising from cultural differences Proper messaging and approvals not vetted beforehand Analyze and document legal and regulatory requirements related to employee monitoring (e.g. Germany, Netherlands) Create a regulatory/labor union communications and approval strategy and plan Allow ample time for socialization and approval of the solution with regulatory authorities/labor unions 9 DLP Pitfalls A discussion of lessons learned
11 # 4 Stakeholders may not understand the value that the solution is offering Poorly or un-defined DLP metrics and effectiveness criteria Lack of operational processes to collect and report DLP metrics Stakeholder expectation gaps related to functionality and timelines It is important to define metrics and effectiveness criteria, along with an initial baseline from which you can measure future progress Establish operational processes to periodically collect and report on DLP metrics to stakeholders Involve stakeholders early on and remain as transparent as possible throughout 10 DLP Pitfalls A discussion of lessons learned
12 # 3 Same old Same Old Business Behavior Doesn t Change Lack of operational processes and resources to perform business process re-engineering Lack of organizational policies and associated training and on-going communications to establish and reinforce expectations Poorly or undefined disciplinary measures and enforcement Lack of secure alternatives (e.g. secure , secure FTP, secure storage locations) Establish operational processes and a team to work with the business on secure alternatives for their business process Establish organizational security policies and reinforce the policies with training and on-going awareness campaigns Establish disciplinary processes and integrate data protection goals into employee performance evaluations/appraisals Provide users secure alternatives to accomplish their activities, otherwise unsecure workarounds will be developed 11 DLP Pitfalls A discussion of lessons learned
13 # 2 Unmanageable Incident Queues Poorly or un-defined incident severity levels and response workflows/ procedures Policies defined too broadly and without knowledge off legitimate business use Lack of sufficient testing and tuning of policies over time before full scale deployment Lack of a phased approach Insufficient resource allocation for incident response and remediation Lack of training of incident response team Define criteria for categorizing incidents by severity so that resources can be allocated based on business risk Formally document incident response procedures Spend the time required to understand your business so that policies can ignore legitimate business transactions/use Spend the time required to test and tune policies before fully deploying Don t boil the ocean - start out slow with a small number of polices Allocate requisite resources and conduct formal training 12 DLP Pitfalls A discussion of lessons learned
14 # 1 Business Community / End User Outcry Lack of policies to clearly set employee expectations Lack of communication related to solution/program Lack of business involvement in requirements and scope definition Lack of secure alternatives (e.g. secure e- mail, secure storage locations, etc.) Lack of operational processes to reduce business interruption time Set expectations through policy Reinforce expectations through training and awareness mechanisms Engage the business in solution requirements and scope Establish secure alternatives to enable people to do the right thing Establish operational processes and resources to respond to events efficiently to limit business interruption time 13 DLP Pitfalls A discussion of lessons learned
15 A Holistic DLP Program In our joint experience an effective DLP solution/program should be approached broadly, focusing not just on the technology, but also upon the people and processes needed to support and interface with the DLP solution. I. Governance DLP strategy DLP requirements Organizational structure Policies and procedures Training and awareness Metrics, monitoring, and reporting II. Process Business process analysis Incident response workflows Incident response plan Tuning and adjustment Policy change management Help desk procedures Business process re-engineering III. Security Integration Integration with enterprise security tools and systems IAM SEM DLP GRC Infrastructure Top down Integrates people, process, and technology Aligns DLP solution with business drivers and value IV. System Implementation Hardware and software Egress points Storage repositories End points Policy configuration Access configuration WAN WWW WAN VPN Network DR Data warehouse Business Analytics Customer Portal Outsourced Development Enterprise e - mail Disk storage Production Data Staging File Server Back up tape Back up disk Applications Files Storage 14 DLP Pitfalls A discussion of lessons learned
16 In Summary Transparent communication with stakeholders and business community Tight coordination and integration with the business Well defined requirements aligned with business goals Considerations Toward an Effective DLP Program A well thought out and defined strategy and road-map/plan Allocating resources to supporting processes Benefits of Our Joint Approach Helps prevent costly re-work Demonstrates business value through quick wins Helps to prevent business community and end-user outcry Enables the use of advanced system capabilities Achieving and building upon quick wins Maintains stakeholder support Improves incident response capabilities 15 DLP Pitfalls A discussion of lessons learned
17 This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation. Member of Deloitte Touche Tohmatsu Limited
Modernizing compliance: Moving from value protection to value creation
Modernizing compliance: Moving from value protection to value creation John Conrad, Principal Deloitte Risk and Financial Advisory Deloitte & Touche LLP Clarissa Crain, Senior Manager Deloitte Risk and
More informationImplementing Analytics in Internal Audit. Jordan Lloyd Senior Manager Ravindra Singh Manager
Implementing Analytics in Internal Audit Jordan Lloyd Senior Manager Ravindra Singh Manager What does Success Look Like To deliver successful analytical insight as an everyday part of the audit process
More informationManaging FTI Data Compliance. Addressing Publication 1075
Managing FTI Data Compliance Addressing Publication 1075 Introduction Daniel Gabriel, Manager, Security & Privacy Deloitte & Touche LLP Daniel has over nine years of experience providing ERP security and
More informationData Standards in Oil & Gas
Data Standards in Oil & Gas September, 2014 Business challenges currently impacting data standards in the E&P Marketplace Mergers and acquisitions have caused data challenges in identifying common field
More informationEvergreen Solutions Shatter the mold. With Evergreen
Evergreen Solutions Shatter the mold. With Evergreen As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal
More informationCreating a Risk Intelligent Enterprise: Risk sensing
Creating a Risk Intelligent Enterprise: Risk sensing Risk sensing: Insights for sound decision-making The Risk Intelligent Enterprise runs on data that must be monitored, analyzed, and enriched with human
More informationAccelerating application management services automation Time to break out the bots?
Accelerating application management services automation Time to break out the bots? Brochure / report title goes here Section title goes here Contents Introduction 1 A brief look at today s AMS automation
More informationDevSecOps Embedded Security Within the Hyper Agile Speed of DevOps
DevSecOps Embedded Security Within the Hyper Agile Speed of DevOps Mark G. Moore, Managing Director, Deloitte and Touche LLP Antonio L. Bovoso, Senior Manager, Deloitte and Touche LLP What is DevSecOps?
More informationHR Benchmarks for Modern Times
HR Benchmarks for Modern Times Karen O Leonard VP, Analytics & Benchmarking Research Jennifer Krider Senior Research Analyst, Analytics & Benchmarking March 10, 2015 Topics for Discussion Research Objectives
More informationSecuring Capabilities in the Cloud: Security and Privacy in the Evolution of Cloud Computing
The Dbriefs Technology Executive series presents: Securing Capabilities in the Cloud: Security and Privacy in the Evolution of Cloud Computing Vikram Bhat and Irfan Saif, Deloitte & Touche LLP June 2,
More informationManaging Complex Programs Using Predictive Modeling and Simulation. October 7, 2014
Managing Complex Programs Using Predictive Modeling and Simulation Deloitte Consulting LLP October 7, 2014 Agenda Introductions Predictive Modeling for Complex Program Management Questions Deloitte Presenters
More informationCreating a Risk Intelligent Enterprise: Risk governance
Creating a Risk Intelligent Enterprise: Risk governance Risk governance: Overseeing risk and risk management Robust risk governance drives a consistent and coordinated approach to risk across the organization
More informationHR Metrics and Model for Modern Times
HR Metrics and Model for Modern Times Karen Shellenback, Research Manager Bersin by Deloitte, Deloitte Consulting LLP Jennifer Krider, Senior Research Analyst Bersin by Deloitte, Deloitte Consulting LLP
More informationOutsourcing banking processes: The question is no longer if, but how to effectively manage extended enterprises
Outsourcing banking processes: The question is no longer if, but how to effectively manage extended enterprises In today s business environment, banks are continuously facing challenges to reduce their
More informationHCCA Audit & Compliance Committee Conference. February 29-March 1, Drivers of ERM. Enterprise Risk Management in Healthcare.
Enterprise Risk Management in Healthcare Deloitte & Touche LLP Heather Hagan, Senior Manager Nancy Perilstein, Senior Manager February 29, 2016 Discussion Items Drivers of Enterprise Risk Management (ERM)
More informationEnterprise compliance Acting on today s risks to avoid tomorrow s crises
Enterprise compliance Acting on today s risks to avoid tomorrow s crises Enterprise compliance challenges cannot be ignored As many retailers know from recent history, compliance failures can lead to catastrophic
More informationExtended Enterprise Risk Management
Extended Enterprise Risk Management Driving performance through the extended enterprise October 2015 A network within a network The Extended Enterprise is the concept that an organization does not operate
More informationAdopting automation in internal audit Using robotic process automation and cognitive intelligence to fortify the third line of defense
Adopting automation in internal audit Using robotic process automation and cognitive intelligence to fortify the third line of defense The age of automation is here, and with it comes opportunities for
More informationThose who cannot learn from history are doomed to repeat it. - George Santayana
Summary The following summarizes how I rescued a data warehouse project that was on track for a disastrous failure. Purpose: To provide valuable guidance to assist Project Managers on future and existing
More informationRealize and Sustain the Value of Your Micro Focus Implementation
White Paper Professional Services Realize and Sustain the Value of Your Micro Focus Implementation Micro Focus Professional Services provides Solution Management Services to help you fully utilize, manage,
More informationWelcome to the postmodern era for public sector ERP
Welcome to the postmodern era for public sector ERP Time to update your public sector enterprise resource planning (ERP)? Consider a postmodern strategy to address your unique requirements. Welcome to
More informationAligning Resources to Performance and Strategy: The Imperative for the "New Normal"
Aligning Resources to Performance and Strategy: The Imperative for the "New Normal" May 30, 2014 Commander, Navy Installations Command Deloitte Consulting LLP Agenda Introduction About CNIC Imperative
More informationFederal CFO Insights Real solutions to win the fight against improper payments and fraud, waste and abuse
Federal CFO Insights Real solutions to win the fight against improper payments and fraud, waste and abuse Background Federal agencies continue to make great strides to reduce improper payments and to mitigate
More informationThree dimensions of application management services automation After determining why automation is needed, consider the questions of what, how, and
Three dimensions of application management services automation After determining why automation is needed, consider the questions of what, how, and when. Brochure / report title goes here Section title
More informationConnectors Making shared services work at the core of the business rather than on the outskirts
Connectors Making shared services work at the core of the business rather than on the outskirts Connectors Real-time insights on hot topics in service delivery As shared services strategies mature, some
More informationUnlock your digital marketing potential
Unlock your digital marketing potential TOGETHER, WE ARE UNLOCKING YOUR MARKETING POTENTIAL IN THE DIGITAL WORLD. Deloitte Digital and Adobe: Collaboration from insight to impact We have a proven history
More informationUnderstanding employee engagement after a corporate acquisition A global communications company. EngagePath client spotlight
Understanding employee engagement after a corporate acquisition A global communications company EngagePath client spotlight Situation Following a complex corporate acquisition, a global communications
More informationThinking logically about Logical Separation Part of the Wired for Winning series on M&A IT topics
Thinking logically about Logical Separation Part of the Wired for Winning series on M&A IT topics During a carve-out, asset sale or spin-off, there is often insufficient time or readiness to fully separate
More informationTransforming HR to Meet New Business Priorities
Transforming HR to Meet New Business Priorities HR transformation efforts are continuing to shift their focus to business priorities, concentrating on areas such as talent, emerging markets, and the HR
More informationEnterprise Risk Management in Health Care
Enterprise Risk Management in Health Care Deloitte & Touche LLP Ian Waxman, Senior Manager February 23, 2015 Enterprise Risk Management Formal definition of risk: Risk is any event that can adversely affect
More informationISACA San Francisco Chapter
ISACA San Francisco Chapter The 2007 Privacy Panel Rena Mears, CISSP, CIPP, CPA, CISA Partner, Deloitte & Touche LLP March 23, 2007 San Francisco 0 What is Privacy and Why Now? Definition of PII The definition
More informationTalent Strategy. Building Competitive Advantage with Talent
Talent Strategy Building Competitive Advantage with Talent Stacia Sherman Garr Vice President, TM & HR Research Bersin by Deloitte, Deloitte Consulting LLP Agenda for Our Time Today Copyright 2015 Deloitte
More informationInformation Management Strategy
Information Management Strategy What You Need To Know! David Pierce & Lascelles Forrester 1 Copyright 2010 Accenture All Rights Reserved. Accenture, its logo, and High Performance Delivered are trademarks
More informationMid-market technology trends: Leveraging disruption to drive value The Dbriefs Private Companies series Anthony Stephan, Principal, Deloitte
Mid-market technology trends: Leveraging disruption to drive value The Dbriefs Private Companies series Anthony Stephan, Principal, Deloitte Consulting LLP Chris Jackson, Senior Manager, Deloitte Consulting
More informationDeloitte Shared Services Conference 2018 Extended lab 4: Internal controls managing risk in the age of digitalisation Ani Sen Gupta and Edward
Deloitte Shared Services Conference 2018 Extended lab 4: Internal controls managing risk in the age of digitalisation Ani Sen Gupta and Edward Litchfield, Deloitte Industry context and direction of travel
More informationBudgetary Resource Risk Management Unliquidated Obligations (ULOs) - Recovery and Prevention September 2014
Improving Resource Effectiveness Budgetary Resource Risk Management Unliquidated Obligations (ULOs) - Recovery and Prevention September 2014 Christina Canavan Senior Manager in the Federal Advisory practice
More informationCarving The Path For Cloud Transition
Carving The Path For Cloud Transition Praveen Mayalur, Specialist Leader The Potential of Cloud Scalability and Reliability On demand scalability for capacity Leverage secure & certified data protection
More informationLeveraging Collaboration to Assess ICD-10 Readiness and Reduce ICD-10 Operational and Financial Risks
Leveraging Collaboration to Assess ICD-10 Readiness and Reduce ICD-10 Operational and Financial Risks MHDC Lunch & Learn December 13, 2012 Melinda Reno, Principal, Deloitte Consulting LLP mereno@deloitte.com
More informationThe Role of the Board in Strategy & Risk. NACD National Conference Power Breakfast October 15, 2012
The Role of the Board in Strategy & Risk NACD National Conference Power Breakfast October 15, 2012 How are risk and strategy addressed at your company? Table discussions 1. At the board-level, how involved
More informationFive Steps to Predictive Analytics
Five Steps to Predictive Analytics Karen O Leonard, Vice President, Benchmarking & Analytics Research Bersin by Deloitte Kathleen Blake McCann, Ph.D., Vice President, Human Resources and Administration;
More informationOracle Cloud ERP - Oil and Gas Industry Enabler for Digital Finance Transformation
GLOBAL SPONSOR October 25, 2018 Oracle Cloud ERP - Oil and Gas Industry Enabler for Digital Finance Transformation Introductions Introductions Howard Glanville Managing Director Deloitte Consulting LLP
More information2017 Deloitte Renewable Energy Seminar Innovating for tomorrow November 13-15, 2017
2017 Deloitte Renewable Energy Seminar Innovating for tomorrow November 13-15, 2017 Jeff Craft, Partner, Deloitte & Touche LLP Valeriy Dokshukin, Partner, Deloitte & Touche LLP Controllership of the future
More informationDeloitte Accelerated Value: SaaS innovation for the digital core. Extending the potential of core systems, addressing tomorrow s needs
Deloitte Accelerated Value: SaaS innovation for the digital core Extending the potential of core systems, addressing tomorrow s needs SaaS innovation for the digital core Extending the potential of core
More informationSocial Analytics in Media & Entertainment The three-minute guide
Social Analytics in Media & Entertainment The three-minute guide Social Analytics in Media & Entertainment The three-minute guide 1 Why it matters now Superior business performance in media and entertainment
More informationOutsourcing transparency evolution
Outsourcing transparency evolution How information transparency creates value across the extended enterprise Outsourcing transparency evolution Transparent communication is evolving for outsource service
More informationHow and Where Organizations are Investing to Help Close Employee Skills Gaps. Corporate Learning Benchmarks & Trends
How and Where Organizations are Investing to Help Close Employee Skills Gaps Corporate Learning Benchmarks & Trends Today s Presenters Ben Carroll Senior Research Analyst Benchmarking and Analytics Bersin
More informationOperational Risk Management (#DOpsRisk) Solutions suite
Operational Risk Management (#DOpsRisk) Solutions suite Design. Operate. Master. Transform. solutions with strong underlying value Our solution offering Strategy and program Measuring success Elevating
More informationCost transparency Helping finance create business value
Cost transparency Helping finance create business value Companies today are under constant pressure to improve profitability and wring cost out of their business. This has prompted them to seek greater
More informationDeloitte s High-Impact HR Operating Model: Business HR. Deloitte Consulting LLP
Deloitte s High-Impact HR Operating Model: Business HR Deloitte s High-Impact HR Operating Model: Business HR The business of Human Resources (HR) is the business HR has a mission: High impact. A new Operating
More informationMachine intelligence ascending
Machine intelligence ascending How robotic process automation, machine learning, and artificial intelligence will help define tomorrow s kinetic enterprise Tech Trends: Machine intelligence ascending Machine
More informationCMMI-SVC V1.3 CMMI for Services Version 1.3 Quick Reference Guide
processlabs CMMI-SVC V1.3 CMMI for Services Version 1.3 Quick Reference Guide CMMI-SVC V1.3 Process Areas Alphabetically by Process Area Acronym processlabs CAM - Capacity and Availability Management...
More informationInnovating Performance Management Series Part 1: How Cisco is Activating Team Excellence with Data Stacia Sherman Garr Vice President, Bersin by
Innovating Performance Management Series Part 1: How Cisco is Activating Team Excellence with Data Stacia Sherman Garr Vice President, Bersin by Deloitte, Deloitte Consulting LLP September 22, 2016 Agenda
More informationInnovating Performance Management Series Part 1: How Cisco is Activating Team Excellence with Data Stacia Sherman Garr Vice President, Bersin by
Innovating Performance Management Series Part 1: How Cisco is Activating Team Excellence with Data Stacia Sherman Garr Vice President, Bersin by Deloitte, Deloitte Consulting LLP September 22, 2016 Agenda
More informationA View from the C-Suite: The Value Proposition of Shared and Global Business Services The Conference Board 20th Annual Global Business and Shared
A View from the C-Suite: The Value Proposition of Shared and Global Business Services The Conference Board 20th Annual Global Business and Shared Services November 2016 A View from the C-Suite: The Value
More informationCGEIT Certification Job Practice
CGEIT Certification Job Practice Job Practice A job practice serves as the basis for the exam and the experience requirements to earn the CGEIT certification. This job practice consists of task and knowledge
More informationMinimizing fraud exposure with effective ERP segregation of duties controls
Minimizing fraud exposure with effective ERP segregation of duties controls Prepared by: Luke Leaon, Manager, RSM US LLP luke.leaon@rsmus.com, +1 612 629 9072 Adam Harpool, Manager, RSM US LLP adam.harpool@rsmus.com,
More informationInternal Audit innovation Structured methods to unlock new value
Internal Audit innovation Structured methods to unlock new value Internal Audit innovation October 17, 2017 Organizations are demanding more from Internal Audit. Senior executives, audit committees, and
More informationStreamline your business processes for far-reaching results. EY s Business Process Management Services practice
Streamline your business processes for far-reaching results EY s Business Process Management Services practice Introduction Today s financial services organizations are facing a number of pressures: Stressed
More informationReimagining IT: Leading technology organizations into the future The Dbriefs Technology Executives series
Reimagining IT: Leading technology organizations into the future The Dbriefs Technology Executives series Anthony Stephan, Principal, Deloitte Consulting LLP Chris Garibaldi, Principal, Deloitte Consulting
More informationGlobal Trade Advisory Trade Automation Innovation
Global Trade Advisory Trade Automation Innovation June 2018 02 The Missing Part of the Global Trade Automation Equation Cost reduction, process efficiency, and exploring cash savings opportunities dominate
More informationTurning Data into Insights Information Management with Deloitte and Informatica
Turning Data into Insights Information Management with Deloitte and Informatica A strategic approach to gaining insights from your data Deloitte enterprise application strategy and implementation services
More informationInternal Audit and Technology Sustainable Analytics
Internal Audit and Technology Sustainable Analytics Neil While, Partner, Internal Audit Analytics Deloitte Advisory December 14, 2015 0 The Four Faces of the Chief Auditor 1 Copyright 2015 Deloitte Development
More informationPartnering with the business to create a successful self-service analytics framework
Partnering with the business to create a successful self-service analytics framework Times are changing; the evolution of an agile but controlled approach to BI It s widely known that the landscape of
More informationManaged analytics The three-minute guide
Managed analytics The three-minute guide Managed analytics The three-minute guide 1 Why it matters now Dive in without drowning Chances are your organization is already moving along on its analytics journey.
More informationImplementing a corporate legal process outsourcing solution. Key considerations before embarking on the legal service delivery transformation journey
Implementing a corporate legal process outsourcing solution Key considerations before embarking on the legal service delivery transformation journey You read it online every day: increasing regulations
More informationUnderstanding RPA ROI
A I Understanding RPA ROI How to Measure It and Why It s Important Sponsored by 1 Introduction Robotic process automation (RPA) can deliver significant benefits to companies of practically any size and
More informationBuilding a Business Case for Talent Analytics
Building a Business Case for Talent Analytics Karen O Leonard, VP, Analytics & Benchmarking Research Sally-Ann Cooke, Research Analyst, HCM Technology Research Contents Why companies are investing in talent
More informationInsurance Accounting & Systems Association (IASA): NY/NJ Chapter Spring 2014
Insurance Accounting & Systems Association (IASA): NY/NJ Chapter Spring 2014 State of Information Security by Deloitte & Touche LLP May 20, 2014 As used in this document, Deloitte means Deloitte & Touche
More informationIt s time to revisit your anti-corruption compliance program How to design an effective and defensible compliance program in response to global trends
It s time to revisit your anti-corruption compliance program How to design an effective and defensible compliance program in response to global trends Many legal and compliance officers are revisiting
More informationEnterprise intelligence in modern shipping
Enterprise intelligence in modern shipping Leveraging commercial and cost performance with data analytics 7th Capital Link Greek Shipping Forum 16 February 2016 Agenda I. What is Enterprise Intelligence?
More informationInfrastructure services delivery planning for M&A: An ounce of prevention Part of the heart of M&A series on M&A technology topics
Infrastructure services delivery planning for M&A: An ounce of prevention Part of the #Tech @the heart of M&A series on M&A technology topics 39 Your company has just entered into an M&A transaction and
More informationOutsourcing Transparency Evolution: Creating Value Across the Third-Party Extended Enterprise
Outsourcing Transparency Evolution: Creating Value Across the Third-Party Extended Enterprise @ComplianceWeek #CW2017 Release for answers to polling questions I understand that any data or information
More informationManaging tax Balancing current challenge with future promise The EYE, Amsterdam, 30 November 1 December 2016
Managing tax Balancing current challenge with future promise The EYE, Amsterdam, 30 November 1 December 2016 Bart Janssen, Deloitte Netherlands Richard Freeman, Deloitte UK David Landers, Deloitte US Using
More informationThink logically about logical separation
Part of the #Tech @the heart of M&A series on M&A technology topics 11 11 During a carve-out, asset sale, or spin-off, there is often insufficient time or readiness to fully separate the Information Technology
More informationPractical Suggestions/Tips for an Effective BSA/AML Compliance Function
Practical Suggestions/Tips for an Effective BSA/AML Compliance Function Governance and Structure; Policies, Procedures and Internal Controls; Training; and Testing Peter C. Fitzgerald Principal May 20,
More informationEverywhere Analytics Bringing Insights to Executive Officers 2016/05/19
Everywhere Analytics Bringing Insights to Executive Officers 2016/05/19 Insights maturity curve 5 different stages of analytics maturity and the capabilities which underpin them Stage 4 Stage 5 Insight
More informationOutsourcing fails when no one connects the pieces
Outsourcing fails when no one connects the pieces Since its emergence in the 1990s, outsourcing has become standard practice in nearly every major business function 1 and industry. The move to outsourcing
More informationCMMI-DEV V1.3 CMMI for Development Version 1.3 Quick Reference Guide
processlabs CMMI-DEV V1.3 CMMI for Development Version 1.3 Quick Reference Guide CMMI-DEV V1.3 Process Areas Alphabetically by Process Area Acronym processlabs CAR - Causal Analysis and Resolution...
More informationEnterprise. Service. Transformation. Deloitte driving your digital service excellence with ServiceNow
Enterprise. Service. Transformation. Deloitte driving your digital service excellence with ServiceNow Enterprise. Service. Transformation. Deloitte driving your digital service excellence with ServiceNow
More informationHow to Get the Most Out of Your Guidewire Platform With Shared Services
POINT OF VIEW INSURANCE APPLICATION SERVICES How to Get the Most Out of Your Guidewire Platform With Shared Services APRIL 2018 2018 NTT DATA, Inc. All rights reserved. NTT DATA Services Point of View
More informationTransformation in the Internal Audit Function Neil White October 5, 2017
Transformation in the Internal Audit Function Neil White October 5, 2017 2017 Deloitte Global Chief Audit Executive (CAE) Forum Key Opportunities Key Insights Deliver advanced analytics and visualization
More informationRich Mobile Content. by DigitalMIX. Dynamically publish content without changing a single line of code
Rich Mobile Content by DigitalMIX Dynamically publish content without changing a single line of code Field enablement backed by integrated digital content Today s workforce needs content that is mobile,
More information4/26. Analytics Strategy
1/26 Qlik Advisory As a part of Qlik Consulting, Qlik Advisory works with Customers to assist in shaping strategic elements related to analytics to ensure adoption and success throughout their analytics
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationSolve for now. Build for next. The Deloitte Audit
Solve for now. Build for next. The Deloitte Audit 2 Solve for now. Build for next. The Deloitte Audit Your audit should fit you your industry, financial statements, and stakeholders; your data and technology;
More informationHigh-Impact Succession Management Revealed
High-Impact Succession Management Revealed Key Findings and Maturity Model Kim Lamoureux VP Leadership & Succession Research Deloitte Consulting LLP January 29, 2015 Agenda Top 10 Key Research Findings
More informationBusiness Risk Intelligence
Business Risk Intelligence Bringing business focus to information risk It s a challenge maintaining a strong security and risk posture. CISOs need to constantly assess new threats that are complex and
More informationEvolving Performance Management Series (Part 6)
Evolving Performance Management Series (Part 6) Juniper Networks Performance Management Evolution Candace Atamanik, Research Manager, Talent Management Research, Bersin by Deloitte Deloitte Consulting
More informationTalent Management in Growth Markets: India
Talent Management in Growth Markets: India Stacia Sherman Garr, Vice President, Talent Management and HR Research Candace Atamanik, Research Manager Talent Management Research Bersin by Deloitte Deloitte
More informationCreate Experiences. Build Customers. Drive Sales.
Create Experiences. Build Customers. Drive Sales. This page has been intentionally left blank In every market, in every minute, digital raises the bar Your customers are always connected. They know your
More informationHow to build construction management processes
How to build construction management processes Over the last three years Deloitte CIS has analyzed the implementation costs of more than 30 construction projects. Based on the statistics, losses of funds
More informationPredictive Project Analytics 2.0 Keep your project on target with Deloitte s data-driven insights. Risk Advisory
Predictive Project Analytics 2.0 Keep your project on target with Deloitte s data-driven insights Risk Advisory 1 It s time for a new methodology According to Project Management Institute Research >50
More informationPeople analytics: Actionable insights are the new mandate The Dbriefs HR Executives series
People analytics: Actionable insights are the new mandate The Dbriefs HR Executives series Lisa Disselkamp, Managing Director, Deloitte Consulting LLP David Fineman, Specialist Leader, Deloitte Consulting
More informationHigh-Impact Succession Management The Performance Model: Key Drivers and Talent Outcomes Andrea Derler, Ph.D., Research Manager, Leadership &
High-Impact Succession Management The Performance Model: Key Drivers and Talent Outcomes Andrea Derler, Ph.D., Research Manager, Leadership & Succession Management Christina Rasieleski, Lead Member Advisory
More informationContents An Introductory Overview of ITIL Service Lifecycle: concept and overview...3 I. Service strategy...6 The 4 P's of ITIL Service
ITIL 2011 Notes Contents An Introductory Overview of ITIL 2011...3 Service Lifecycle: concept and overview...3 I. Service strategy...6 II. The 4 P's of ITIL Service Strategy...6 Key processes and activities...7
More informationAuditing Agile projects Your grandfather s audit won t work here!
Your grandfather s audit won t work here! Auditing Agile projects For many companies, Agile methodologies are beginning to gain ascendancy over traditional Waterfall development. With their focus on speed,
More informationDeloitte Discovery Advisory Enabling an agile response to discovery, investigatory, and regulatory requests
Deloitte Discovery Advisory Enabling an agile response to discovery, investigatory, and regulatory requests 2018 Deloitte Discovery Advisory The Deloitte approach Deloitte Discovery Advisory The Deloitte
More informationTalent Management in Growth Markets: China
Talent Management in Growth Markets: China Stacia Sherman Garr, Vice President, Talent Management and HR Research Candace Atamanik, Research Manager Talent Management Research Bersin by Deloitte Deloitte
More informationModernizing Compliance: Evolving From a Foundational Program to a Value-Creating Strategic Partner
Modernizing Compliance: Evolving From a Foundational Program to a Value-Creating Strategic Partner @ComplianceWeek #CW2017 Moderator: Nicole Sandford Partner Deloitte & Touche Timothy Cercelle Managing
More informationActionable enterprise architecture management
Enterprise architecture White paper June 2009 Actionable enterprise architecture management Jim Amsden, solution architect, Rational software, IBM Software Group Andrew Jensen, senior product marketing
More information