U S E M ETRICS DASHBOA R D S E N T E R P R I SE SEC URITY RISKS. Session 5302
|
|
- Stephanie Lucas
- 5 years ago
- Views:
Transcription
1 1 U S E M ETRICS DASHBOA R D S TO M ANAGE E N T E R P R I SE SEC URITY RISKS Session 5302
2 M E T R I C S D A S H B O A R D S 2 Moderator Cheryl Stone Director, Corporate Security & Safety RAND Corporation Presenter Peter Ohlhausen President Ohlhausen Research, Inc. Presenter Daniel McGarvey Senior Principal Business Process Analyst Alion Science and Technology Presenter Richard Weaver Chief Security Officer Head, Security Svcs Dept. Johns Hopkins University Applied Physics Laboratory S E S S I O N S U P P O R T E D B Y A S I S F O U N D AT I O N A N D A S I S D E F E N S E A N D I N T E L L I G E N C E C O U N C I L 2
3 M E T R I C S D A S H B O A R D S 3 O U T L I N E I. ASIS Foundation metrics research project, Security Metrics Evaluation Tool, and ongoing research II. III. Presenting metrics data to C-suite Metrics dashboards for decision making and ROI demonstration 3
4 M E T R I C S D A S H B O A R D S 4 A S I S F O U N DAT I O N M E T R I C S R E S E A R C H Persuading Senior Management with Effective, Evaluated Security Metrics (2014) Nine criteria for evaluating metrics --Reliability, Validity, Generalizability --Cost, Timeliness, Manipulation --ROI, Org. Relevance, Communication Library of evaluated metrics Please contribute your metric at 4
5 M E T R I C S D A S H B O A R D S 5 S E C U R I T Y M E T R I C S E VA L UAT I O N T O O L ( S E C M E T ) Discern strong and weak points of a security metric Refine metric to optimize its scientific merit, operational reasonableness, and strategic relevance More persuasive to senior management 5
6 6 C R I T E R I O N 5 : T I M E L I N E S S Extent to which metric data can be gathered in a timely fashion so the results can have an impact. The data for this metric is out-of-date by the time it can be gathered and interpreted; the data collection process is very time-consuming; the data is unlikely to have an impact (as it does not reflect current conditions). The data for this metric is fairly up-to-date by the time it can be gathered and interpreted; the data collection process is somewhat time-consuming; the data is somewhat likely to have an impact (as it somewhat reflects current conditions). The data for this metric is very up-to-date when gathered and interpreted; the data collection process is not timeconsuming; the data is very likely to have an impact (as it reflects current conditions)
7 M E T R I C S D A S H B O A R D S 7 I T S I M P O R TA N T T O T H I N K A B O U T T H E WAY O N E M A K E S D E C I S I O N S Halo effect Outcome/hindsight bias Confirmation bias Regression to the mean Wet bias A I M F O R L E S S W R O N G N E S S 7
8 M E T R I C S D A S H B O A R D S 8 K A R L P O P P E R, P H I L O S O P H E R O F S C I E N C E How can we hope to detect and eliminate error? By criticizing the theories or guesses of others and if we can train ourselves to do so by criticizing our own theories or guesses. Conjectures and Refutations: The Growth of Scientific Knowledge,
9 9 O B S E R VAT I O N S O N N E W M E T R I C S Metric of completed guard tours: does it discourage stopping to address a problem? Metric of driving time saved by conducting investigations long-distance: does it adequately consider quality factors or lean toward speed, convenience, and cost? 9
10 10 P R E S E N T I N G M E T R I C S TO C - S U I T E Corporate management tends to view security as overhead (cost center, not production center) and security metrics as merely measuring activity, not value. Security benefits are difficult to measure compared to the benefits of profit centers. Security professionals often lack the skills or time to create and administer effective metrics. Thus, current security metrics, in practice, are generally not compelling and are often not taken seriously (Rothke, 2009). 10
11 11 P R ESENTING METRICS TO C - S U I T E Make Metrics Compelling: an overview Present metrics that are aligned with the organization s objectives or risks or that measure the specific issues management is most interested in. Present metrics that meet measurement standards. Tell a story. Use graphics, and keep presentations short. Present metric data regularly. 11
12 12 P R ESENTING METRICS TO C - S U I T E Align with Organizational Objectives and Risks Risk: Metrics-based approach helps senior management understand the level of risk in site selection and make informed decisions on risk management. ROI: There is a clear link between reducing shrinkage and saving money. Your metrics must demonstrate that investment in security technology led to reduced losses. 12
13 13 Risk Vs Return on Investment 13
14 14 P R ESENTING METRICS TO C - S U I T E Present Metrics That Meet Measurement Standards Metrics are quantitative and exude scientific authority. However, if metric is based on invalid or unreliable data, you cannot draw accurate conclusions from it and it will lack external credibility. A metric that has been properly designed from a scientific point of view and that has been evaluated against a testing tool (such as the Security MET) may appear more valuable and persuasive to senior management. Using a metric that meets measurement standards also provides an objectivity that aids decision-making. 14
15 15 Risk Measurement Standards Pherson associates, llc. all rights reserved. 15
16 16 P R ESENTING METRICS TO C - S U I T E Tell a Story Can be a story about the specific risk that security is attempting to mitigate, as well as the consequences if the event occurs. Be straightforward about risk and uncertainties. Part of a compelling story is the unfolding of events over time. Metrics can show progress toward meeting a specific strategic goal. Benchmarking can enrich a story if it is aligned with strategic organizational goals. Benchmarking provides the opportunity to ascertain where company stands on a given metric in relation to its competitors. 16
17 17 Security Threat Risk Mitigation 17
18 18 P R ESENTING METRICS TO C - S U I T E Use Graphics, and Keep Presentations Short Keep it simple and clear. Present a few short bullet points top-level information only, rather than complex charts and graphs. Less is more. Pick graphics that get your points across. One graphic = 1,000 words. Keep presentation short (but still tell a story). Present metrics in the style or format management uses. 18
19 19 19
20 20 P R ESENTING METRICS TO C - S U I T E Present Metric Data Regularly Data ages over time. Distinguishing metrics that are time-sensitive from those that provide value over time will enhance the overall value of metrics. Comparing historical data against current data will show trends. Do not hide painful data from management. Good metrics are the key to demonstrate ROI. 20
21 21 S E C U R I T Y M E T R I C S : W H AT T O M E A S U R E? S O M E G U I D I N G P R I N C I P L E S Be mindful that the process of collecting data and reporting metrics can be extremely time consuming and may unintentionally divert staff from performing work that needs to get done Therefore, confine metrics to only those things that provide useful insight into aspects of operations that are actionable and will lead to delivering improved service to customers and/or will reduce security risks Make every effort to determine the most critical concerns of senior management, and implement metrics that link to those concerns and that will demonstrate value and return on investment To the extent possible, leverage technology and automation to collect and analyze metrics data, thereby avoiding or minimizing manually intensive processes 21
22 22 T H E $ 6 4, Q U E S T I O N : W H AT TO M E A S U R E? Example: Enterprise Classified IT Security - Number of Systems Administrators and ISSOs - Number of Systems (overall) - Number of Networked Systems - Number of WANs - Number of Classified SSP Submissions - Number of Incomplete SSP Submissions Returned - Number of Classified ATOs Received - Number of Users Trained - Number of Authentication Tokens Distributed - Media Write Access Authorized - Number of Privileged Users - Number of Authorized Data Transfer Agents - Number of Classified VTCs Conducted - Number of Mobile Devices - Number of IT related Security Violations and Infractions - Number of Systems Involved in a Classified Spill - Median Number of Days to Receive a Classified ATO - Results of Accreditation/Oversight Inspections - Results of Customer Satisfaction Surveys 22
23 23 S E L E C T I N G M E T R I C S T H AT B E S T F I T YO U R S E C U R I T Y O P E R AT I O N S ( V 3 ) Volume Numbers (counts) to track and assess level of security activity Easiest to collect Useful in defending, adjusting and seeking additional resources Velocity Data to capture and assess speed of delivering a security product or service Useful in evaluating process efficiencies and identifying opportunities for improvement Helpful in communicating expectations to customers, partners and stakeholders 23
24 24 Value S E L E C T I N G M E T R I C S T H AT B E S T F I T YO U R S E C U R I T Y O P E R AT I O N S ( V 3 ) Metrics to demonstrate the importance of Security to the overall health and productivity of an organization, capturing key care-abouts of senior management Harder to identify, develop and measure Highlights Return on Investment (ROI) by answering so what questions May include Volume and Velocity data but will be outcome oriented Helpful in providing high-level situational awareness of threats, vulnerabilities and success of mitigating countermeasures Assists Senior Management in making decisions to accept risk, or to take action to lower risks Displays/dashboards are useful, and anecdotes (stories, narrative example and explanations) are important to accompany numbers 24
25 25 Volume S E L E C T I N G M E T R I C S T H AT B E S T F I T YO U R S E C U R I T Y O P E R AT I O N S ( V 3 ) : S O M E E X A M P L E S Visit requests and clearance certifications processed; badges/tokens fabricated and issued; internal access control transactions; security incidents reported; foreign travel and other Security/CI awareness briefings administered Velocity Personnel Security clearance cycle time (nomination to indoctrination); IT accreditations (timelines associated with submission of plans to ATO); response time to alarm annunciations and other emergency circumstances Value Corporate savings (cost avoidance) attributable to security actions taken; security systems reliability; compliance inspection, audit and red team assessment results; elimination or reduction of undesirable events 25
26 26 D ATA TO D A S H B O A R D O N E WAY I T S D O N E : Data is collected both in real time and on a periodic basis, depending on customer and senior management requirements, and on intended use in security operations, to include adjustment of resources Data is collected from a variety of sources: Excel spreadsheets, external SASS (Service Now) and other databases; subsequently using Microsoft SSIS, data is loaded and transformed into Microsoft SQL Server database Once data is collected and aggregated in a local data mart, then metrics are calculated and displayed via a SharePoint portal utilizing Power BI 26
27 27 27
28 28 28
29 29 29
30 30 30
31 31 31
32 32 32
33 33 33
34 34 34
35 35 35
36 36 36
37 37 37
38 38 P R E S E N T I N G P I C T O R I A L D I S P L AY S O F M E T R I C S D ATA T O S E N I O R M A N A G E M E N T : T H E G O L D E N R U L E CHARTS, GRAPHS, DASHBOARDS, DIAGRAMS, TABLES AND ILLUSTRATIONS SHOULD BE USED ONLY SELECTIVELY AS A TOOL TO MAKE KEY POINTS 38
Risk-Incidents: Same Playground, Different Castles. Brian C. McIlravey
Risk-Incidents: Same Playground, Different Castles Brian C. McIlravey 1 First..Let s Talk About Boats!! 2 Risk & Incidents: Same Sand Different Castles Risk & Incidents: Same Sand, Same Castles: Different
More informationwmi & microsoft partnership
wmi services. company overview WHO: WMI was founded on the premise that collaboration is the key to success. Over the past 15 years, we have built a global operations and technology consulting firm that
More informationREPORT NO DECEMBER 2011 UNIVERSITY OF NORTH FLORIDA. Operational Audit
REPORT NO. 2012-064 DECEMBER 2011 UNIVERSITY OF NORTH FLORIDA Operational Audit BOARD OF TRUSTEES AND PRESIDENT Members of the Board of Trustees and President who served during the 2010-11 fiscal year
More informationSAMPLE REPORT. Service Desk Benchmark DATA IS NOT ACCURATE! Outsourced Service Desks
h SAMPLE REPORT DATA IS NOT ACCURATE! Service Desk Benchmark Outsourced Service Desks Report Number: SD-SAMPLE-OUT-0617 Updated: June 2017 MetricNet s instantly downloadable Service Desk benchmarks provide
More informationWhite Paper. Not Just Knowledge, Know How! Artificial Intelligence for Finance!
` Not Just Knowledge, Know How! White Paper Artificial Intelligence for Finance! An exploration of the use of Artificial Intelligence (AI) in the management of Budgeting, Planning and Forecasting (BP&F)
More informationTHE BLOCKCHAIN DISRUPTION. INSIGHT REPORT on Blockchain prepared by The Burnie Group
THE BLOCKCHAIN DISRUPTION INSIGHT REPORT on Blockchain prepared by The Burnie Group NOVEMBER 2017 BUILDING VALUE Business networks create value. The efficiency of business networks is a function of the
More informationAnalytic measures of credit capacity can help bankcard lenders build strategies that go beyond compliance to deliver business advantage
How Much Credit Is Too Much? Analytic measures of credit capacity can help bankcard lenders build strategies that go beyond compliance to deliver business advantage Number 35 April 2010 On a portfolio
More informationResources2 Energy. Effective Valuation of Integrated Operations. Integrated Upstream Operations Conference. Norway
Resources2 Energy Effective Valuation of Integrated Operations Integrated Upstream Operations Conference Norway October, 2007 consultants serving the energy industry Our Industry Mindset Unlike most industries,
More informationEffective Corporate Budgeting
Effective Corporate Budgeting in 8 Easy Steps This ebook will offer 8 easy and easy and proven steps for improving your corporate budgeting and planning process. You will see that by making a few small
More informationUnderstanding Enterprise Risk Management: An Overview
Understanding Enterprise Risk Management: An Overview 05/2016 What is Risk? An uncertain event It exists in the future Has a cause and effect Impacts objectives Its effect may be positive and/or negative
More informationWORKFORCE MOBILITY BENCHMARK REPORT: VEHICLE EDITION
WORKFORCE MOBILITY BENCHMARK REPORT: VEHICLE EDITION 2017 CONTENTS INTRODUCTION 2 KEY FINDINGS 3 MARKET CHALLENGES 4 METHODOLOGY 6 Respondents by Industry 7 Respondents by Annual Revenue 7 Respondents
More informationKeeping Score: Best Practices for Risk Management Reporting
Keeping Score: Best Practices for Risk Management Reporting 1/4 Keeping Score: Best Practices for Risk Management Reporting John Schaefer Risk Management Information Systems (RMIS) are designed to capture,
More informationSAMPLE REPORT. Contact Center Benchmark DATA IS NOT ACCURATE! Outsourced Contact Centers
h SAMPLE REPORT DATA IS NOT ACCURATE! Contact Center Benchmark Outsourced Contact Centers Report Number: CC-SAMPLE-OUT-0617 Updated: June 2017 MetricNet s instantly downloadable Contact Center benchmarks
More informationMorningstar Direct Portfolio Analysis & Equity Attribution
Morningstar Direct Portfolio Analysis & Equity Attribution Portfolio Analysis is Morningstar Direct s web-based solution for manager research and due diligence. This tool will provide you with the data,
More informationSAMPLE REPORT. Contact Center Benchmark DATA IS NOT ACCURATE! In-house/Insourced Contact Centers
h SAMPLE REPORT DATA IS NOT ACCURATE! Contact Center Benchmark In-house/Insourced Contact Centers Report Number: CC-SAMPLE-IN-0617 Updated: June 2017 MetricNet s instantly downloadable Contact Center benchmarks
More informationBENCHMARK ANALYSIS ON- LAND PIPELINE SAFETY SYSTEMS
BENCHMARK ANALYSIS ON- LAND PIPELINE SAFETY SYSTEMS Elise DeCola, Nuka Research and Planning Group, LLC Interspill 2015 Abstract Onshore pipelines provide a critical transportation mode for liquid petroleum
More informationPLAN FOR ASSESSMENT OF INSTITUTIONAL EFFECTIVENESS AND STUDENT LEARNING
Community College of Allegheny County PLAN FOR ASSESSMENT OF INSTITUTIONAL EFFECTIVENESS AND STUDENT LEARNING Prepared by: Office of Planning & Institutional Research Office of Learning Outcomes & Achieving
More informationCertified Enterprise Risk Professional (CERP) Test Content Outline
Certified Enterprise Risk Professional (CERP) Test Content Outline SECTION 1: RISK GOVERNANCE Domain 1: Board and Senior Management Oversight (8%) Task 1: Provide relevant, timely, and accurate information
More informationApproved Business Plan and Budget. Florida Reliability Coordinating Council, Inc.
Approved 2015 Business Plan and Budget Florida Reliability Coordinating Council, Inc. Approved: 6/25/2014 Table of Contents Introduction... 3 Organizational Overview... 3 Membership and Governance... 4
More informationComparison of Risk Analysis Methods: Mehari, Magerit, NIST and Microsoft s Security Management Guide
Comparison of Risk Analysis Methods: Mehari, Magerit, NIST800-30 and Microsoft s Security Management Guide Amril Syalim Graduate School of Information Science and Electrical Engineering Kyushu University,
More informationSERC Reliability Corporation Business Plan and Budget
SERC Reliability Corporation 3701 Arco Corporate Drive, Suite 300 Charlotte, NC 28273 704.357.7372 Fax 704.357.7914 www.serc1.org SERC Reliability Corporation 2018 Business Plan and Budget FINAL June 28,
More informationApproved Business Plan and Budget. Florida Reliability Coordinating Council, Inc.
Approved 2016 Business Plan and Budget Florida Reliability Coordinating Council, Inc. Approved: 6/25/2015 Table of Contents Introduction... 3 Organizational Overview... 3 Membership and Governance... 4
More informationQuestions and Answers Automated Budgeting Tool RFP
1 11/18/15 2 11/18/15 3 11/18/15 4 11/18/15 5 11/18/15 6 11/18/15 7 11/18/15 Questions and Answers Automated Budgeting Tool RFP Date: November 12-20 Date Question OPERS Response We understand that OPERS
More informationTechnical Budget Process. Overview FY18
Technical Budget Process Overview FY18 TABLE OF CONTENTS Introduction... 3 Conceptual Overview... 3 Basic steps in preparation process... 5 Budget development review report... 6 Classification of budget
More informationNEW YORK STATE DEPARTMENT OF FINANCIAL SERVICES PROPOSED 23 NYCRR 500 CYBERSECURITY REQUIREMENTS FOR FINANCIAL SERVICES COMPANIES
NEW YORK STATE DEPARTMENT OF FINANCIAL SERVICES PROPOSED 23 NYCRR 500 CYBERSECURITY REQUIREMENTS FOR FINANCIAL SERVICES COMPANIES I, Maria T. Vullo, Superintendent of Financial Services, pursuant to the
More informationThe role of an actuary in a Policy Administration System implementation
The role of an actuary in a Policy Administration System implementation Abstract Benefits of a New Policy Administration System (PAS) Insurance is a service and knowledgebased business, which means that
More informationTeam Dynamics within Global Equity
Client Memo Q1 2013 Team Dynamics within Global Equity by Global markets remain an interesting area within asset management as more and more plans allocate a significant portion of their equity to global
More informationFROM 12 TO 21: OUR WAY FORWARD
FROM 12 TO 21: OUR WAY FORWARD MESSAGE FROM THE BOARD Weldon Cowan, chair of the board of directors The board of directors shares the corporation s excitement about the next phase of the From 12 to 21
More informationModerator: Missy A Gordon FSA,MAAA. Presenters: Missy A Gordon FSA,MAAA Roger Loomis FSA,MAAA
Session 52PD: Financial Analysis: Impairment, Stress Testing and Predictive Modeling for Health Companies Moderator: Missy A Gordon FSA,MAAA Presenters: Missy A Gordon FSA,MAAA Roger Loomis FSA,MAAA SOA
More informationPresented at the 2010 ISPA/SCEA Joint Annual Conference and Training Workshop -
Abstract Risk Identification and Visualization in a Concurrent Engineering Team Environment Jairus Hihn 1, Debarati Chattopadhyay, Robert Shishko Mission Systems Concepts Section Jet Propulsion Laboratory/California
More informationBetter decision making under uncertain conditions using Monte Carlo Simulation
IBM Software Business Analytics IBM SPSS Statistics Better decision making under uncertain conditions using Monte Carlo Simulation Monte Carlo simulation and risk analysis techniques in IBM SPSS Statistics
More informationSample Sub-Title/Presenter/Addendum Info
1 TEST_SA MPLE TITLE Sample Sub-Title/Presenter/Addendum Info 2 2 3 Building Automation & Control System Vulnerabilities Is there an open door into your facility? by Dave Brooks, PhD Associate Professor,
More informationSelecting the Managers: Research and Due Diligence
Selecting the Managers: Research and Due Diligence January 2014 Scott Lavelle, CFA, FRM, CAIA Director of Investment Advisor Research Introduction Having choices can be good. Having too many choices can
More informationU.S. Equities LONG-TERM BENEFITS OF THE T. ROWE PRICE APPROACH TO ACTIVE MANAGEMENT
PRICE PERSPECTIVE February 2017 In-depth analysis and insights to inform your decision-making. U.S. Equities LONG-TERM BENEFITS OF THE T. ROWE PRICE APPROACH TO ACTIVE MANAGEMENT T. Rowe Price has demonstrated
More informationDisability Waivers Rate System
This document is made available electronically by the Minnesota Legislative Reference Library as part of an ongoing digital archiving project. http://www.leg.state.mn.us/lrl/lrl.asp Disability Waivers
More informationBrought to you by Physicians Insurance A Mutual Company April 24, 2012 Presented by: Chris Apgar, CISSP
Risk Analysis & Meaningful Use Brought to you by Physicians Insurance A Mutual Company April 24, 2012 Presented by: Chris Apgar, CISSP Today s Webinar All participant lines are muted. If you have questions,
More informationSonoma County Library Announces an Employment Opportunity ACCOUNTANT ROHNERT PARK HEADQUARTERS 40 HOURS PER WEEK FULL TIME
Sonoma County Library Announces an Employment Opportunity ACCOUNTANT ROHNERT PARK HEADQUARTERS 40 HOURS PER WEEK FULL TIME The Sonoma County Library is seeking a customer service oriented individual with
More informationRunning Head: Information Security Risk Assessment Methods, Frameworks and Guidelines
Running Head: Information Security Risk Assessment Methods, Frameworks and Guidelines Information Security Risk Assessment Methods, Frameworks and Guidelines Michael Haythorn East Carolina University Abstract
More informationPMI Long Island Chapter s Tools and Techniques Series PM101
PMI Long Island Chapter s Tools and Techniques Series PM101 Project Metrics & KPIs Agenda Overview Why Metrics and KPIs important Source of Metrics and KPIs Common PM Metrics and KPIs Other PM Metrics
More informationUser Guide for Schwab Equity Ratings Report
User Guide for Schwab Equity Ratings Report The Schwab Equity Ratings Report will help you make informed decisions on equities by providing you with important additional information and analysis. Each
More informationHow to Solve Hiring Problems with Data Analytics
How to Solve Hiring Problems with Data Analytics From Data to Insights 2 0 1 7 O u t M a t c h. A l l r i g h t s r e s e r v e d. Today s Presenters Casey Johnson, PhD OutMatch Senior Research Scientist
More informationAN INTRODUCTION TO RISK CONSIDERATION
AN INTRODUCTION TO RISK CONSIDERATION Introduction This cookbook aims at recalling basic concepts and providing simple tools and possibilities of applying the "considering of risks and opportunities" in
More informationInformation Security Risk Management
Information Security Risk Management Based on ISO/IEC 17799 Houman Sadeghi Kaji Spread Spectrum Communication System PhD., Cisco Certified Network Professional Security Specialist BS7799 LA info@houmankaji.net
More informationLecture 7. Requirements Prioritisation. Risk Management
Lecture 7 Requirements Prioritisation Risk Management 246 Lecture 7 Requirements Prioritisation Risk Management 247 Basics of Prioritisation Need to select what to implement Ä Customers (usually) ask for
More informationH 7789 S T A T E O F R H O D E I S L A N D
======== LC001 ======== 01 -- H S T A T E O F R H O D E I S L A N D IN GENERAL ASSEMBLY JANUARY SESSION, A.D. 01 A N A C T RELATING TO INSURANCE - INSURANCE DATA SECURITY ACT Introduced By: Representatives
More informationBUDGETING 101 Basic Budgeting The What
BUDGETING 101 Basic Budgeting The What March 10, 2018 Washington, D.C. Kathie Novak University of Denver Jon Johnson Alliance for Innovation Handouts and Worksheets What is the Budget? 1. A STATEMENT of
More informationKidsafe NSW Risk Management Plan. August 2014
Kidsafe NSW Risk Management Plan August 2014 Document Control Document Approval Name & Position Signature Date Document Version Control Version Status Date Prepared By Comments Document Reviewers Name
More informationExpert Trend Locator. The Need for XTL. The Theory Behind XTL
Chapter 20 C H A P T E R 20 The Need for XTL esignal does an excellent job in identifying Elliott Wave counts. When combined with studies such as the Profit Taking Index, Wave Four Channels, Trend Channels
More informationTax Department Trends. Tuesday, November 28, 2017 Wichita Country Club Doug Watson - Director Evan Malcom - Manager
Tax Department Trends Tuesday, November 28, 2017 Wichita Country Club Doug Watson - Director Evan Malcom - Manager Presenters Doug Watson Director doug.watson2@us.gt.com 612 677 5260 Evan Malcom Manager
More informationStreamline and integrate your claims processing
Increase flexibility Reduce costs Expedite claims Streamline and integrate your claims processing DXC Insurance RISKMASTERTM For corporate claims and self-insured organizations DXC Insurance RISKMASTER
More informationRisk Management: Assessing and Controlling Risk
Risk Management: Assessing and Controlling Risk Introduction Competitive Disadvantage To keep up with the competition, organizations must design and create a safe environment in which business processes
More informationGood Practices in Social Security
Good Practices in Social Security Good practice in operation since: 2007 ISSA Good Governance Guidelines in Practice: Service standards for Members and Beneficiaries The Singapore Experience A case of
More informationOffice of Planning & Budgeting FY18 Budget Development Administrative Unit Name:
Office of Planning & Budgeting FY18 Budget Development Administrative Units Administrative Unit Name: Office of Planning & Budgeting, Executive Office Please complete this Word document and the accompanying
More informationMarket Research for Business and Public Policy Decisions in Consumer Lending
Market Research for Business and Public Policy Decisions in Consumer Lending History has shown that market research and self-assessment methods are powerful tools for uncovering problems and improving
More informationForecasting Cost to Complete on Major Projects By: Chris Ronak, July 2018
Forecasting Cost to Complete on Major Projects By: Chris Ronak, July 2018 Category: General Project Controls Case Studies Zone Abstract This paper demonstrates the importance of regularly and accurately
More informationWhen events are measured: results improve. When feedback is provided the rate of improvement accelerates.
Critical Management Reports For Homebuilders presented by Mike Benshoof, Vice President and Partner SMA Consulting When events are measured: results improve. When feedback is provided the rate of improvement
More informationThe (Un)Reliability of Past Performance
The (Un)Reliability of Past Performance The longer your view, the better your perspective By Baird s Advisory Services Research If you re making investment decisions with the assumption that recent performance
More informationEnergy Efficiency Reporting & Streamlining
Energy Efficiency Reporting & Streamlining DPU 11 120 Reporting Working Group Christina Halfpenny Division Director, Energy Efficiency 5/7/2013 2 Needs for Streamlining In DOER s view, streamlining reporting
More informationRisk Management Plan PURPOSE: SCOPE:
Management Plan Authority Source: Vice-Chancellor Approval Date: 16/05/2018 Publication Date: 17/05/2018 Review Date: 17/05/2021 Effective Date: 16/05/2018 Custodian: General Counsel and University Secretary
More informationBUDGET REPORT GUIDANCE FOR FY19: ACTIVITY-BASED UNITS
Office of the Provost University of Illinois at Urbana-Champaign BUDGET REPORT GUIDANCE FOR FY19: ACTIVITY-BASED UNITS 3 November 2017 The State of Illinois recent budget impasse ended in July 2017. Allocations
More informationPOST-IMPLEMENTATION REVIEW REPORT
JANUARY 2012 POST-IMPLEMENTATION REVIEW REPORT on FASB Interpretation No. 48, Accounting for Uncertainty in Income Taxes (Codified in Accounting Standards Codification Topic 740, Income Taxes) FINANCIAL
More informationREUTERS/Ognen Teofilovski. Thomson Reuters ESG Scores Date of issue: March 2017
REUTERS/Ognen Teofilovski Thomson Reuters ESG Scores Date of issue: March 2017 2 Contents Executive Summary...3 Data Process...4 Global Coverage...5 Scores Overview...6 Scores Structure...6 Scores Calculation
More informationREQUEST FOR EXPRESSIONS OF INTEREST AFRICAN DEVELOPMENT BANK 01 B.P.
REQUEST FOR EXPRESSIONS OF INTEREST AFRICAN DEVELOPMENT BANK Avenue Joseph Anoma, 01 B.P. 1387, Abidjan, CÔTE D'IVOIRE Programming and Budget Department (SNPB) E-mail: a.maquengo@afdb.org / b.mugova@afdb.org
More informationFalse Dilemmas, Energy Projects and Value Creation
False Dilemmas, Energy Projects and Value Creation Jonathan A. Coburn President, Building Asset Insight LLC Abstract A false dilemma is created when options are presented in an either/or" context when
More informationW H I T E P A P E R. Sabrient Multi-cap Insider/Analyst Quant-Weighted Index DAVID BROWN CHIEF MARKET STRATEGIST
W H I T E P A P E R Sabrient Multi-cap Insider/Analyst Quant-Weighted Index DAVID BROWN CHIEF MARKET STRATEGIST DANIEL TIERNEY SENIOR MARKET STRATEGIST SABRIENT SYSTEMS, LLC DECEMBER 2011 UPDATED JANUARY
More informationCrowe, Dana, et al "EvaluatingProduct Risks" Design For Reliability Edited by Crowe, Dana et al Boca Raton: CRC Press LLC,2001
Crowe, Dana, et al "EvaluatingProduct Risks" Design For Reliability Edited by Crowe, Dana et al Boca Raton: CRC Press LLC,2001 CHAPTER 13 Evaluating Product Risks 13.1 Introduction This chapter addresses
More informationManaging operational tax risk through technology
Managing operational tax risk through technology EY Africa Tax Conference September 2014 Panel Daryl Blakeway Director Tax Performance Advisory Leader EY South Africa Anthony Davis Director Tax Performance
More informationFinal Preliminary Survey Report Audit of Budgeting and Forecasting. June 19, Office of Audit and Evaluation
2013-705 Audit of Budgeting and Forecasting June 19, 2014 Office of Audit and Evaluation TABLE OF CONTENTS INTRODUCTION... 1 BACKGROUND... 1 OBJECTIVE, SCOPE AND APPROACH... 3 RISK ASSESSMENT... 4 PRELIMINARY
More information4 WAYS INTEGRATED RECEIVABLES MANAGEMENT FIXES BROKEN ACCOUNTS RECEIVABLES PROCESSES
4 WAYS INTEGRATED RECEIVABLES MANAGEMENT FIXES BROKEN ACCOUNTS RECEIVABLES PROCESSES Receivables management is critical to a corporation s liquidity and customer relationships. EXECUTIVE SUMMARY BUSINESSES
More informationPAGE 1 OF 7 HEALTH, SAFETY & ENVIROMENTAL MANUAL PROCEDURE: S220 Hazard Communication Program REV /13/2012
PAGE 1 OF 7 Hazard Communication Program Right to Know PURPOSE: It is the intention of BMT and all of its subsidiary companies to conduct its operations in such a manner that not only complies with health,
More informationENTERPRISE RISK AND STRATEGIC DECISION MAKING: COMPLEX INTER-RELATIONSHIPS
ENTERPRISE RISK AND STRATEGIC DECISION MAKING: COMPLEX INTER-RELATIONSHIPS By Mark Laycock The views and opinions expressed in this paper are those of the authors and do not necessarily reflect the official
More informationThe Case for Growth. Investment Research
Investment Research The Case for Growth Lazard Quantitative Equity Team Companies that generate meaningful earnings growth through their product mix and focus, business strategies, market opportunity,
More informationInvestment Adviser Advertising
Investment Adviser Advertising Delaware Investments Training Session June 19, 2006 Steven W. Stone Partner Morgan, Lewis & Bockius LLP Tim W. Levin Partner Morgan, Lewis & Bockius LLP www.morganlewis.com
More informationOregon Legislative Fiscal Office Fiscal Impact Statement Process and Best Practices
Oregon Legislative Fiscal Office Fiscal Impact Statement Process and Best Practices Everybody is entitled to his own opinion, but not his own facts. Senator Daniel Patrick Moynihan What is a Fiscal Impact
More informationKPMG s 2016 Internal SOX Survey
KPMG s 2016 Internal SOX An internal survey of KPMG teams their current experiences serving clients with regards to SOX program governance execution Tools Do you control your Sarbanes- Oxley 404 (SOX
More informationUSE OF FINANCIAL RATIOS IN COMMUNITY COLLEGE INSTITUTIONAL RESEARCH
USE OF FINANCIAL RATIOS IN COMMUNITY COLLEGE INSTITUTIONAL RESEARCH David Case Vice President for Institutional Research & Effectiveness East Central Community College Decatur, MS WHAT IS A FINANCIAL RATIO?
More information4 WAYS INTEGRATED RECEIVABLES MANAGEMENT FIXES BROKEN ACCOUNTS RECEIVABLES PROCESSES
4 WAYS MANAGEMENT FIXES BROKEN ACCOUNTS RECEIVABLES PROCESSES Receivables management is critical to a corporation s liquidity and customer relationships. EXECUTIVE SUMMARY BUSINESSES ARE DEMANDING MORE
More informationBasel III Reforms. Strategic Initiatives of the Risk Management Implementation in Risk and its Management Profiles
630 Basel III Reforms In order to improve the 's ability to manage risk due to interest rate movements affecting income and capital (interest Rate Risk in Banking Book/IRRBB), Bank Mandiri has made preparations
More informationSERC Reliability Corporation Business Plan and Budget
SERC Reliability Corporation 3701 Arco Corporate Drive, Suite 300 Charlotte, NC 28273 704.357.7372 Fax 704.357.7914 www.serc1.org SERC Reliability Corporation 2018 Business Plan and Budget DRAFT April
More informationPlanning and Budgeting Forum Mission Achievement Planning
Planning and Budgeting Forum Mission Achievement Planning September 22, 2014 Denver, Colorado Gordon Jensen Introduction Metropolitan Community College (MCC): One of six community colleges in Nebraska
More informationQView Latency Optics News Round Up
QView Latency Optics News Round Up 5.8.13 http://www.automatedtrader.net/news/at/142636/nasdaq-omx-access-services-enhances-qview-latencyoptics Automated Trader NASDAQ OMX Access Services Enhances QView
More informationdailyvest s plananalytics is a comprehensive monitoring and analysis tool for plan sponsors and administrators.
Monitor Plan Performance, Participation and Investment Behavior OF EVERYBODY! Analyzes wellness of employersponsored retirement plan s. E N T E R P R I S E S O F T W A R E F O R A N A L Y Z I N G A N D
More informationIT Risk in Credit Unions - Thematic Review Findings
IT Risk in Credit Unions - Thematic Review Findings January 2018 Central Bank of Ireland Findings from IT Thematic Review in Credit Unions Page 2 Table of Contents 1. Executive Summary... 3 1.1 Purpose...
More informationWeek 4 and Week 5 Handout Financial Statement Analysis
Week 4 and Week 5 Handout Financial Statement Analysis Introduction After understanding the basic financial statements, one may be interested in analysing the financial statements to understand the performance
More informationKPIs & KEIs for Success
The Smart Manager Series (#3) KPIs & KEIs for Success Key principles & Survival Kit Tools October 2018 Smart Pharma Consulting Table of Contents 1. Introduction p. 2 2. Definitions p. 3 3. How to choose
More informationSAMPLE REPORT. Call Center Benchmark. In-house/Insourced Call Centers DATA IS NOT ACCURATE!
SAMPLE REPORT DATA IS NOT ACCURATE! Call Center Benchmark In-house/Insourced Call Centers Report Number: CC-SAMPLE-IN-0116 Updated: January 2016 MetricNet s instantly downloadable Call Center benchmarks
More informationEffective monitoring of outsourced plan recordkeeping and reporting functions
Employee Benefit Plan Audit Quality Center Plan advisory Effective monitoring of outsourced plan recordkeeping and reporting functions 22973_374 Effective Monitoring_R2 copy.indd 1 10/25/17 4:07 PM The
More informationConstruction Management Directorate Assessment Report, 2012
Construction Management Directorate Assessment Report, 2012 1. Expected Outcomes: Close-out: Construction Management Directorate (CMD) will close-out each project within a designated timeframe. CMD will
More informationCyber COPE. Transforming Cyber Underwriting by Russ Cohen
Cyber COPE Transforming Cyber Underwriting by Russ Cohen Business Descriptor How tall is your office building? How close is the nearest fire hydrant? Does the building have an alarm system? Insurance companies
More informationThe Benefits of Credit Reporting How CBA Reporter Can Positively Impact Your Lending Organization
1 The Benefits of Credit Reporting How CBA Reporter Can Positively Impact Your Lending Organization Executive Summary Credit Builders Alliance (CBA) administered a short survey in winter 2016 to all of
More informationClarify and define the actual versus perceived role and function of rating organizations as they currently exist;
Executive Summary The purpose of this study was to undertake an analysis of the role, function and impact of rating organizations on mutual insurance companies and the industry at large. More specifically,
More informationIntroduction to Risk for Project Controls
Introduction to Risk for Project Controls By Eukeni Urrechaga, PE Quick view at Project Controls Project Controls, like project management, is much an art as it is a science. The secret of good project
More informationThe DLOM Job Aid for IRS Valuation Professionals What it Means for Estate Planners and Taxpayers
The DLOM Job Aid for IRS Valuation Professionals What it Means for Estate Planners and Taxpayers Valuation discounts are frequently challenged by the Internal Revenue Service and no discount is as contentious
More informationCLAconnect.com/construction. The 2018 CLA Construction Benchmark Report
The 218 CLA Construction Benchmark Report The 218 CLA Construction Benchmark Report CLA construction professionals have compiled financial data from our industry clients across the United States. The goal
More informationSTRATEGIC DIRECTION. Several years ago the City adopted a Strategic Management System (SMS) which drives the way the City conducts its business.
STRATEGIC DIRECTION Several years ago the City adopted a Strategic Management System (SMS) which drives the way the City conducts its business. The department directors contribute to the SMS by developing
More informationStrategic Planning Session Fiscal Year 2018
1 P a g e Strategic Planning Session Fiscal Year 2018 Wednesday, March 8, 2017 This document is a comprehensive guide to the annual strategic planning process for the City of Ocala. It outlines how it
More information2017 URAC SPECIALTY PHARMACY PERFORMANCE MEASUREMENT: AGGREGATE SUMMARY PERFORMANCE REPORT
2017 URAC SPECIALTY PHARMACY PERFORMANCE MEASUREMENT: December 2017 Table of Contents Executive Summary... 1 Specialty Pharmacy Organization Characteristics... 2 Data Validation Overview... 7 Results:
More informationRisk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY
NHS Education for Scotland RISK MANAGEMENT STRATEGY January 2016 1 Contents 1. NES STATEMENT ON RISK MANAGEMENT 2 RISK MANAGEMENT STRATEGY 3 RISK MANAGEMENT STRUCTURES 4 RISK MANAGEMENT PROCESSES 5 RISK
More informationOverview of Services
A proud member of Retirement Plan Advisory Group Overview of Services From cost control to compliance and counsel to communication presented by RPAG member: Cognis Retirement Group, LLC info@cognisretirementgroup.com
More informationMarket Insights. 1. Rice Warner Research Reports. Superannuation and Investments Reports. 1.1 Superannuation Market Projections
Market Insights 1. Rice Warner Research Reports This product list sets out a description for all regular research reports issued by Rice Warner. In addition, there are one-off reports such as, Member Direct
More information