IT GRC Risk Framework with Kodak's Bruce Jones


IT GRC has emerged as a unifying theme aligning IT governance, risk and compliance with the priorities of the business. GRC is about collaboration and communication: it is getting many silos of risk, compliance, and governance to work together and share information and processes.

A proper GRC program implements systems and processes to monitor current business activity, sets the risk tolerance, identifies potential risks, prioritizes and manages risk, takes steps to ensure compliance, provides for corrective action and provides a common framework for communication.

With the help of his security team, Global IT Security, Risk and Compliance Manager Bruce Jones developed a security risk management and metrics program that not only presents a holistic risk-based view of Kodak’s security and risk posture but also translates the operational and tactical information into a form that makes it easy for the business to digest and use.

This presentation will describe a risk management framework that can be used to monitor compliance, evaluate risk, communicate with various levels of management and help drive business decisions that are in alignment with the business objectives and the risk tolerance of the organization.

  

Speaker:


Bruce E. Jones

Global IT Security, Risk and Compliance Manager

Eastman Kodak Company

Bruce Jones has global responsibility over IT security, risk management, compliance and forensics at Kodak. In his 27 years at the company, he has served in a variety of roles, including manufacturing, purchasing, ERP deployment, compliance and information security management. His focus has always been on the implementation of information systems that support Kodak’s global business strategies, goals and objectives. He created the company’s global IT Security & Risk program from the ground up, and it is held to the highest standard as an industry Best Practice. This program was recently published by Forrester and has been presented at several conferences.

Bruce holds a BS degree in Computer Science from Saint John Fisher College and a Certified Information Security Management certification from ISACA. He has received several awards, including being named one of the top 5 Information Security Executives in North America in 2008 by Executive Alliance and one of the top 5 Chief Security Officers in the US in 2009 by SC Magazine; his team was named one of the top 5 Information Security Teams in 2009 by SC Magazine. He serves as an industry advisor for the Rochester Institute of Technology and is very active in the community.

 

 

 

Location:

Mario's Italian Steakhouse

2740 Monroe Avenue

Pittsford, NY 14534

 

Cost: $15/Student, $20/member, $25/Non-Member

 

Please RSVP to alex.douds@freedmaxick.com

Date: 
08/20/2009 - 7:30am - 10:00am