Insights on governance, risk and compliance 10 IT IT
...2...4...6...8...10 IT...12...14 IT...16...18...20...22...24 iii Insights on governance, risk and compliance
IT IT??? IT 10 IT 10 IT Insights on governance, risk and compliance 1
IT EY: Turning risks into results: how leading companies use risk management to fuel better performance 3 IT 1. : 2. : 3. : /?? IT IT 10 IT IT IT 2 Insights on governance, risk and compliance
IT IT IT IT IT SOX IT IT IT IT IT IT IT IT 1 1 SOX 302 IT IT IT GRC IT IT IT IT IT IT SOX IT IT IT IT 2 4 IT SOX IT PCI FISMA HIPAA ISO27001 IT Insights on governance, risk and compliance 3
IT Insights on governance, risk and compliance Fighting to close the gap: Ernst & Young s 2012 Global Information Security Survey 2012 : 2012 http://www.ey.com/gl/en/services/ Advisory/Advisory-Services_Information- Security-Services 4 Insights on governance, risk and compliance
Threat and Valunability Management TVM IT? IT?? TVM? TVM? TVM /IT????? Insights on governance, risk and compliance 5
2011 3 Business Continuity ManagementBCM BCM BCM EY 2012 BCM 12 BCM IT BCM BCM IT IT BCM Insights on governance, risk and compliance Ready for the challenge: integrated governance the key to effective business continuity management : http://www.ey.com/gl/en/services/ Advisory/Integrated-governance--- effective-business-continuity-management--- Ready-for-the-challenge 6 Insights on governance, risk and compliance
IT IT????????? IT Insights on governance, risk and compliance 7
OS IT Insights on IT risk Technical briefing モバイル機器のセキュリティ Mobile device security: understanding vulnerabilities and managing risk : 脆弱性の理解とリスクの管理 http://www.ey.com/gl/en/services/ Advisory/Advisory-Services_Information- Security-Services 8 Insights on governance, risk and compliance
IT BYOD Bring Your Own Device?????????? Insights on governance, risk and compliance 9
IT IT IT IT Service Level AgreementsSLA IT Insights on governance, risk and compliance Ready for takeoff: preparing for your journey into the cloud Ready for takeoff: Ready for takeoff http://www.ey.com/gl/en/industries/ Technology/Cloud-computing-issues--- impacts-and-insigts---a-fundamental-shiftinthe-industry 10 Insights on governance, risk and compliance
SOC 1 2 3 SLA IT SLA IT?? IT???? SLA? SLA?? IT? Insights on governance, risk and compliance 11
IT IT IT IT IT IT IT IT? IT?? IT Insights on IT risk Business briefing The evolving IT risk landscape: the why and how of IT risk management today IT IT IT : IT http://www.ey.com/gl/en/services/ Advisory/Technology-risk-managementin-a-cyber-world--a-C-suite-responsibility- Whats-the-fix 12 Insights on governance, risk and compliance
IT IT IT IT?? IT? IT IT IT IT?? IT? IT IT IT? IT? ITIT?? IT IT IT IT IT? IT? IT? IT IT? /GRC GRC GRC GRC? GRC? GRC? GRC?? IT? Insights on governance, risk and compliance 13
IT IT 2015 5.3% 1 IT 20 50% IT 1 : Building confidence in IT programs: facilitating success through program risk management EY 2011 Insights on governance, risk and compliance Strategy deployment through portfolio management: a risk-based approach : http://www.ey.com/gl/en/services/ Advisory/Strategy-deployment-throughportfolio-management-Portfoliomanagement-challenges 14 Insights on governance, risk and compliance
IT??????? IT Insights on governance, risk and compliance 15
IT IT IT IT IT IT CIO IT IT 20% IT IT IT IT IT IT Effective software asset management: how to reap its benefits http://www.ey.com/gl/en/services/ Advisory/IT/IT-risk-library-page IT IT IT IT IT 16 Insights on governance, risk and compliance
IT IT IT IT IT IT ERP IT IT IT IT IT IT?? IT??? IT? IT IT? IT Insights on governance, risk and compliance 17
IT IT IT Twitter Facebook LinkedIn Twitter Facebook Protecting and strengthening your brand: social media governance and strategy : IT Insights on IT risk Business briefing IT IT IT http://www.ey.com/gl/en/services/ Advisory/IT/IT-risk-library-page 18 Insights on governance, risk and compliance
IT IT IT??????? IT Insights on governance, risk and compliance 19
May 2010 Segragation of DutiesSoD SoD SoD SoD SoD SoD SoD IT GRC ITSoD SoD SoD IT ERP IT ERP IT SoD Insights on governance, risk and compliance A risk-based approach to segregation of duties http://www.ey.com/gl/en/services/ Advisory/IT/IT-risk-library-page A risk-based approach to segregation of duties 20 Insights on governance, risk and compliance
SoD IT SoD SoD IT ERP SoD SoD SoD SoD GRC IAM/GRC SoD IT SoD IT? ERP? SoD? SoD?? SoD? SoD? GRC SoD? SoD? Insights on governance, risk and compliance 21
USB Data Loss PreventionDLP DLP??? : 2012 Fighting to close the gap: Ernst & Young s 2012 Global Information Security Survey 81% EY 2012 IT IT 3? Insights on IT risk Business briefing Insights on governance, risk and compliance Data loss prevention: keeping your sensitive data out of the public domain Data loss prevention: http://www.ey.com/gl/en/services/ Advisory/IT/IT-risk-library-page Data loss prevention 機密データの漏えいを防ぐために Privacy trends 2013: the uphill climb continues 2013: http://www.ey.com/gl/en/services/ Advisory/IT/IT-risk-library-page 2013 22 Insights on governance, risk and compliance
DLP IT??????? HIPAA?? Insights on governance, risk and compliance 23
IT IT 24 Insights on governance, risk and compliance
EY Assurance Tax Transactions Advisory EY EY EY ey.com EY EY www. shinnihon.or.jp 2013 Ernst & Young ShinNihon LLC. All Rights Reserved. EY Japan 03 3503 3500 azuma-yshhr@shinnihon.or.jp 03 3503 1704 yokokawa-hrysh@shinnihon.or.jp Global Paul van Kessel +31 88 40 71271 paul.van.kessel@nl.ey.com Randall J Miller +1 312 879 3536 randall.miller@ey.com Americas Michael L. Herrinton +1 703 747 0935 michael.herrinton@ey.com Bernard R. Wedge +1 404 817 5120 bernard.wedge@ey.com Europe, Middle East, India and Africa (EMEIA) Jonathan Blackmore +44 20 795 11616 jblackmore@uk.ey.com Manuel Giralt Herrero +34 91 572 7479 manuel.giraltherrero@es.ey.com Asia-Pacific Jenny S. Chan +86 21 2228 2602 jenny.s.chan@cn.ey.com Rob Perry +61 3 9288 8639 rob.perry@au.ey.com SCORE no. AU1458 ED 0114 100-6028 2 5 28F Tel: 03 3503 2846 E-mail: AS-Markets@shinnihon.or.jp