This resource is no longer available
Video: Building a compliance scorecard
For a myriad of reasons, developing meaningful compliance reporting that makes sense to management and definitively measures relevant compliance benchmarks is a surprisingly difficult challenge. But with the right approach, it is possible. This video will detail:
- An overview of the topic, emphasizing the challenge of developing meaningful reporting to management, particularly as it relates to information security compliance
- Understanding the constituent pieces within an organization that impact the overall compliance status
  - Information security, IT, legal, corporate compliance, internal audit, operations, HR, etc.
- Metrics that are meaningful
- Creating reporting that focuses on strengths and plans for improvement, not outright vulnerabilities
- Using scorecards to provide a “forest” view of the security and compliance landscape
Speaker: Eric Holmquist, President, Holmquist Advisory
Eric Holmquist has more than 25 years' experience in the financial services industry and is a frequent industry author and speaker. As the former vice president and director of operations risk management for Advanta Bank Corp., he was responsible for the development and oversight of the bank's operational risk management program. In addition, Holmquist chaired the bank's MIS council, an oversight group that provides governance with regard to standards, methods and production of financial and operational reports and the management of enterprise data. Holmquist also acted as the bank's information security officer with responsibility for oversight of the bank's information security strategy, acting as a liaison to the company’s board of directors.
Holmquist chairs the operational risk management for IT committee through the Risk Management Association, a nationwide trade group based in Philadelphia focused on sound risk management practices in the global financial services industry. Holmquist is the author of Risk-Sizing ORM – Scaling Operational Risk Management For The Small To Mid-sized Market, is a contributing author to Operational Risk 2.0 (2007) and The Advanced Measurement Approach to Operational Risk (2006), both by Incisive Media, and writes periodic articles on operational risk management topics for OpRisk & Compliance Magazine.