
Relevance of Generalists vs Specialists in Enterprise Security Management
Vishwanath Nair, Head of Information Security and Risk, Western Sydney Local Health District


1. Applicability and compliance with relevant Operational Policies and Regulations
2. Assurance and partnership as new business strategies are launched
3. Assurance and partnership as Mergers and Acquisitions proceed
• Single window of risks with associated impact in simple business terms and outcomes
• Timely transactional analysis to identify dependencies, critical paths and alternate paths
• Clear, precise and unambiguous business reporting with suggestions on mitigating risks with information to support prioritisation
• Early warning signals providing situational awareness and guiding planning
WHAT:
To ensure the success and effective performance of Enterprise Security and Governance, a major change of approach is required. A new function of Trusted Advisors needs to be created for this changed approach. These Trusted Advisors could be the bridge between Enterprise Security management and business units.
Key capabilities required for this role are:
• Ability to steer risk-based decision making by complementing technical risks with business impacts
• Ability to provide inputs in risk vs. opportunity discussions
• An optimum mix of both technical and business knowledge to be able to provide sound recommendations
• Function as an insulating layer between various Enterprise Security and Governance units and the business operations
• Program manage process and technology improvement initiatives to meet quality and budgetary requirements
The value of a Trusted Advisor can be explained by the following example.
Consider the scenario when one of your business units plans the Digital Transformation of its key processes. The Security Trusted Advisor can enable this outcome in the various stages of the program as below.
HOW:
A Trusted Advisory function can be implemented in one of three ways or a combination.
Each organisation and its dynamics are unique, and each must adopt the approach most feasible for its own setup.
CONCLUSION:
In this fast-moving world of agility and close business-IT partnerships, there is a greater need for a collaborative approach to solving business problems and risks. Establishing a Trusted Advisory function helps deliver the following benefits:
• Business Aware Decision Making
• Effective Detection Controls
• Automatic Compliance
• Resource Optimization
• Continuous Improvements