Creating GRC Management Systems by integrating various ISO Standards and industry best practices

Summary:

To create and run a Governance Risk and Compliance (GRC) Management System for the Information Technology Domain, various ISO Standards and other industry best practices may be relevant. To name but a few: ISO 20000 (Service Management), ISO 22301 (Business Continuity), ISO 27001 (Information Security), ISO 27005 (Information Risk Management), ISO 31000 (Risk Management), ISO 38500 (Corporate Governance of Information Technology), ITIL, CobiT, all these may offer guidance and advise. Creating a hybrid Management System by combining the concepts of multiple Standards, Frameworks and best practices can result in an effective and efficient solution that meets the requirements of a variation of organizational stakeholders while minimizing the duplication of effort.

 

Learning outcomes:

About the speaker:

This webinar will be presented by Arno Kapteyn, a management consultant and trainer, who helps organizations design, implement and run management systems for the Information Technology Domain. Working for various multinational organizations he has created a variety of solutions to meet stakeholder’s requirements related amongst others to Information Security, Business Continuity, Service Management, Information Governance, Information and Operational Risk Management and various legal compliancy requirements. As a result of his in depth knowledge combined with years of practical experience working in a variety of countries, he can identify the difficulties and synergies of combining various industry best practices and standards. Besides his primary role as a management consultant, he is also a certified trainer for various ISO standards and industry best practices including: ISO 2000, ISO 27001, ISO 27005, ISO 31000, ISO 38500 and CobiT.

 

Trainer: Arno Kapteyn

 

Organizer: Britt Ajvazi