Skip to Main Content
Home » Blogs » Data Security is Everyone’s Responsibility

Blog

Data Security is Everyone’s Responsibility

rpa-big

For many years, software companies have trudged down a path of making updates and releasing enhancements to their applications, in hopes that their customers will find value in what they produce. In today’s world of customer journey mapping to enhance and understand the customer experience, that thinking no longer works.

Personally, as the Head of Product Management for iGrafx, I try to get out of the office as often as possible to hear exactly what the market and our customers are saying. To that end, a few weeks ago I had the privilege of attending the Enterprise Risk Management Symposium in Portland. Here are a few of the highlights I picked up.

  • IT Security is a matter of culture not technology. That means that the whole organization needs to be included in understanding and implementing the required behavior.
  • While everything in IT needs a process, documentation, and the metrics to monitor the behavior, they also need to understand the other processes that they support, and the systems used. Additionally, it is imperative that they understand the risks of a process or system failure and ensure there are mitigating controls in place to nullify or, at the very least, minimize the disruption. Processes for dealing with incidents should not be taken lightly. It is not a matter of “IF” there will be an incident, only “WHEN”.
  • You should have an inventory of “Capabilities” which can identify relationships to not only other capabilities, but also to the processes that support them, as well as identifying the risks for failure. It is also important that groups can identify gaps in their capabilities so that they can address them before they became real issues.

The biggest shock to me, and also the biggest takeaway, was how impressed the group as a whole was with GDPR. While the new regulation at present is a bit of headache, as everyone rushes to be compliant by May 25th, they were very much impressed. It was also clear that this group was already moving in a direction to work with US law makers to enact a similar regulation here, using GDPR as a template. If you have not heard about GDPR you can find out more about it, who it impacts, and what you can do to be ready here.

Overall, I enjoyed this show. It provided a lot of good insights into the challenges and ideas of those who are tasked with handling Risk Management. But most importantly for me, the ERM Symposium really helped build confidence and validation in the direction of iGrafx, as we continue to develop and evolve with the market.

Related Posts

Business Modeling During & After Major Disruptions

  • clock February 26, 2021
  • author-icon Ed Maddock
  • 0 comments

When it comes to business modeling during and after major disruptions, you can safely assume new regulations are going to come into play. We can...

Read More

Can Technology Help with Risk Management?

  • clock February 24, 2021
  • author-icon Ed Maddock
  • 0 comments

Can technology such as process mining help with Risk Management? The answer is both Yes and No. Process Mining Process Mining is a fantastic tool...

Read More

The Key Components of a Business Model

  • clock February 17, 2021
  • author-icon Ed Maddock
  • 0 comments

The first and most obvious component is creating the process landscape itself. To do so, we must understand if these processes: Are end-to-end flows like...

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

ON DEMAND DEMO

Download our expert-led demonstration of the iGrafx Platform

Close Icon