June 13, 2017

Governance and Compliance

“Strategy without tactics is the slowest route to victory.  Tactics without strategy is the noise before defeat.” Sun Tzu

Data governance encompasses the individuals, processes, and information technology required to create consistent and appropriate conduct of the organisation’s data across the business enterprise.  Goals may be defined at all levels of the enterprise and doing so may aid in acceptance of processes by those who will need to use them.

 Primary goals for information and technology governance:

  • Assure that the use of information and technology generates business value
  • Oversee management’s performance
  • Mitigate the risks associated with using information and technology

When your organisation is enabled to control access to sensitive data by understanding and defining user privileges, privileged access, monitoring user activity and any changes to the organisations directories, data repositories or databases etc and required procedures and processes are in place, some compliance requirements can be achieved and insider threats can be minimised.

Focus:

  • Multifactor Authentication, HSM and Data Encryption
  • Identity and Access Management
  • Privileged Access Management
  • Compliance with Regulatory Bodies
  • Data Control and Data Leak Prevention
  • Data Classification
  • Policy Creation/Modification
  • Education