The Global State of GRC Standards - What are these & why needed ?

Governance, risk management and compliance (GRC) - is defined as

the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity."  OR in other words it helps in "keeping an organization on track".   GRC is a discipline that aims to synchronize information and activity across governance, and compliance in order to operate more efficiently, enable effective information sharing, reporting and avoid wasteful overlaps/duplication of efforts. Although interpreted differently in various organizations, GRC typically encompasses activities such as  Governance, enterprise risk management (ERM) and corporate compliance with applicable laws and regulations. Each of these three disciplines creates information of value to the other two, and all three impact the same technologies, people, processes and information. And in order to integrate the varying requirements - organizations need to standardize their operations / processes.  And  there are different international standards covering specific disciplines.   We will be covering some of the standards during this presentation and as brief on their requirements.

• • Understand and apply leading practices from disciplines outside of your core profession
  • Work with your peers in other departments to solve complex problems
  • Become a valued advisor to the business 
  • Gain career mobility and increase your compensation
  • understand what are the professional certifications which could further your career 

  

Speaker - Khawaja Faizal Javed.

CISA, CRISC, BCMS LA, CBCP, CSA STAR, ECSA, ISMS LA, ITSM LA, ITIL v3, MCP

Mr. Faisal Javed possess rich and diversified field experience of around 25+ years in field of ICT GRC (Governance, Risk management and Compliance),  IT / ISMS Auditing, BCP/DRP Implementation / Auditing,  IT Security, Cloud computing deployments, Cloud computing security & compliance Audits, IT Service Management (ITIL), System Analysis & Design, BPR, Project management, Datacenter Operations,  ICT infrastructure-Networking,  IT Budgeting, IT policies deployment and other related fields.

Currently working as Senior Manager of Operations, in a world leading Certification body, having diversified. His achievements of the last two decades have been recognized internationally and he was awarded with SHOWCASED HONOREE AWARD for “Senior Information Security Professional, Asia-Pacific-2012” by ISC2, USA which is the highest award for the Information Security profession world-wide. 

He is having extensive experience of training (6000+ HRS) and has trained more than 4000 individuals and he has conducted 1000+ third party audits / assessments of large enterprises in around 48 countries worldwide in five continents- (USA / Netherlands/ Australia/ Portugal / Malaysia / Singapore / Taiwan / Thailand / Indonesia / Philippines / Saudi Arabia / Egypt / Mauritius / South Africa / Qatar / Kuwait /UAE /Oman / Bahrain / Kenya etc.) against different international standards/frameworks as a lead auditor/trainer for COBIT5, ITIL v3, ISO27001, ISO20000, ISO22301, ISO9001,  Cloud computing and other IT Governance, Security, Business continuity and IT Service management frameworks.

Co-author of "ISMS Auditing Guide" for inclusion into ISO 27007-Information technology - Security techniques - Guidelines for information security management systems auditing.  Also, Co-developer of "ISO 27001 Implementation Guide and Metrics".

One of the prominent / keynote speaker at the International Forums and Conferences. Well-organized, results oriented with solid management skills, capable of leading & motivating individuals to maximize levels of productivity in a team environment. A trainer / Coach / Mentor and ability of communicate in an effective manner with string focus on building strong client relationships

past-events