Webinar: How customers are using SAP GRC software and Winterhawk services for GDPR Compliance
Best Practice Application of SAP Audit Management in 15 minutes
SAP’s Audit Management software has an easy-to-use interface, is mobile compatible and can integrate with an existing Risk and Controls platform. Find out more in our upcoming webinar, when we’ll also cover:
- How to easily migrate existing audit data such as risks, controls, audit items, work programs, procedures, etc.,
- Hints and tips on planning and preparing for audits quickly, and
- How Winterhawk customers are benefitting from using SAP Audit Management
When: Friday 27th July
Time: 2:00 – 2:15 pm BST
How to use SAP Process Control to manage your GDPR governance program in 15 minutes
Date: Friday 29th June 2018
Event type: Webinar
Venue: From your desk or mobile
Time: 14:00 – 14:15
Email firstname.lastname@example.org to register.
Do you have an effective, ongoing governance platform for processes and controls relating to the GDPR for your organisation and all subsidiaries?
Are you looking to adopt a tried and tested, best practice GDPR governance framework model already deployed across organisations in and outside the EU?
Winterhawk has developed a GDPR framework consisting of 13 processes and over 140 controls and activities, suitable for rapid deployment on the SAP Process Control solution.
With many organisations having already undertaken large-scale GDPR programs before 25th May to get their houses in order, it’s time to ensure that the new processes, controls and policies are governed and monitored for issues, so that remediation can be tracked effectively. Without a governance framework, it’s easy to lose track of issues raised and lose vital evidence to supply to audit teams and regulators when requested.
SAP Process Control and Winterhawk’s GDPR framework aid the rapid deployment of the processes and controls that every organisation should have implemented to comply with the GDPR, promoting ownership and accountability, and enforcing the remediation of issues.
There is a further benefit to leveraging SAP Process Control: it also provides a framework for managing Financial, IT, HR and many other processes and controls for a number of different regulations and standards (SOX, FDA, ISO 27001, COBIT 5 etc.), as well as the ability to automate controls.
Who will benefit from attending this webinar?
This session will be relevant to Heads of Compliance, Risk Officers, Data Protection Officers, GDPR Program owners, CIOs and Auditors.
Winterhawk invites you to a morning of networking with like-minded professionals, on Thursday the 7th of June, in London’s iconic Institute of Directors building.
This is not a sales-led event. The morning will have plenty of breaks and discussions with your peers about:
• Best Practice and roles in Internal Audit, SAP Security and Access Governance teams with the GDPR
• Identifying new risks and mitigating controls – Do’s and Don’ts
• Understanding what is coming in the SAP GRC Roadmap
• Reducing the SAP data-related risks through archiving
Join us on the 7th of June from 9am to 12pm at the Institute of Directors premises, 116 Pall Mall, London (located minutes from Trafalgar Square & Piccadilly Circus). Places are limited, so don’t wait to reserve your seat at the
Working Towards GDPR Compliance with SAP Assets
Event type: Webinar
Venue: From Your Desk or Mobile
Time: 13:30 – 14:30
General Data Protection Regulation (GDPR) is a set of regulations by which the European Commission intends to strengthen and unify data protection for individuals’ personal data. It comes into effect on 25th May, 2018.
SAP has the unique advantage of best-of-breed solutions that, when used together, provide a comprehensive platform to help organisations demonstrate GDPR compliance for both SAP and non-SAP systems.
In this 1-hour webinar, from the comfort of your desk, we will address Governance, Compliance, Risk and Data Management solutions that will assist with fulfilling the GDPR strategy put in place by your assigned data protection officer.
Who will benefit from attending this webinar?
Though not a technical event, SAP IT teams who need to fulfil the business GDPR compliance strategy will find this event a great way to ascertain what SAP solutions will help plan and meet GDPR compliance.
If this date doesn’t suit your diary, contact us to learn more about how SAP solutions can assist you on your journey towards GDPR compliance.
Cybersecurity in an SAP world: What you can do in the next 30 days to protect yourself
Wednesday, November 29, 2017
10:45 AM – 11:45 AM
Hear Bill Oliver, Partner – Business Development & Operations, Winterhawk Americas dive into hacking methods most commonly used to gain access to SAP systems, examine the impact of a breach, and find out what you can do — right now — to insulate against an ever-changing landscape of threats.
Attend this session to:
- Understand the history of hacking SAP systems and learn how hackers are getting into SAP systems
- Understand what SAP and SAP customers are doing to adjust to a modern threat environment
- Find out what you can do in the next 30, 60, and 90 days to help prevent a breach, including an overview of tools that are currently on the market, such as SAP Enterprise Threat Detection
To visit the SAP Insider website for further conference details, click here.
Cyber Security As it Relates to SAP
To better understand how you can prepare your organisation to handle a sophisticated cyber attack, join Winterhawk Americas’ SAP security experts at 13:30 EST/18:30 GMT on Wednesday 1st February, to discuss trends in SAP cyber security, including:
- A brief history of SAP breaches – how they’ve been carried out and impacts on the companies affected,
- What you can do in the next 30 days to protect your SAP Systems, and
- A brief demo of ERPScan, an SAP Certified Solution for SAP Penetration Testing.
Click here to register: This Event is Closed
Are you up to date?
A typical organisation loses 5% of revenue each year to fraud, corresponding to annual costs exceeding $3.5 trillion worldwide.
In 2011, the DETICA Report stated that £27 billion was the estimated cost of cyber-crime in the UK.
By 2015, the British insurance company Lloyd’s estimated that cyber-attacks cost businesses as much as $400 billion a year, which included direct damage plus post-attack disruption to the normal course of business.
Only 1 in 10 organisations are confident they have adequate tools, technologies and processes to manage current compliance, risk and security obligations, let alone future challenges.
Amid rising pressures to deliver value while adapting quickly to change, companies need to act swiftly, yet still protect themselves from fraud and cyber-attacks.
Cyber, Fraud & Data Protection, in the era of Digital Transformation
A unique opportunity to hear insight from industry experts across a range of sectors
· Combating and Exposing Fraud – How to protect your brand
· The Evolution of Cloud Computing
· The Internet of Things – Benefits and pitfalls
· Showcasing the latest in Fraud Management & Enterprise Threat Detection
· How to Build a GRC Business Case – Quantifying a Return on Investment
· Laws, Regulations and Trends (including Liability and Penalties) in General Data Protection Regulation (GDPR)
Who Should Attend:
Primarily individuals working in large and medium-sized organisations in the following types of role:
· Audit, Security, Compliance, Fraud, Risk Directors
· Information Security and other Senior Executives (CISO, CIO etc)
· Seeking a better understanding of GRC, Cyber-Attacks, Fraud and Threats
· Those considering a Cloud strategy
· Those looking to integrate their Governance, Risk and Compliance departments
(Please note, places are limited, this event is not suitable for independent IT consultants or consulting firms)
Registration deadline is 19 October 2016
Parts of this event will be recorded for promotional and educational purposes. Attending this event confirms your agreement to appear in possible broadcasts of the event on various public media platforms.
0900-0910 Introduction (Chris Johnston, 10 min)
0910-0950 Technology Trends (Jan Ziskasen, 40 min)
0950-1020 How to Assess Compliance & Remain Compliant (Frank Staelens, 30 min)
Break (20 min)
1040-1110 Fraud & Cyber Detection and Prevention by SAP (Dr. Neil Patrick, 30 min)
1110-1140 Combating Fraud & Building a GRC Business Case (Andrew Sawyer & Frank Staelens, 30 min)
1140-1200 The Evolution of Cloud Computing (Lorenzo Squellati, 20 min)
Lunch (45 min)
1245-1315 Protecting your Organisation – Its Brand, Data & Assets (Charles Braswell, 30 min)
1315-1345 Understanding GDPR (Paul Hammersley, EPI-USE Labs, 30 min)
Break (15 min)
1400-1440 Liability & Penalties in GDPR – EU (Dirk De Maeseneer, 40 min)
1440-1520 Post Brexit – UK Legal Perspectives (Mark Gleeson, 40 min)
1520 Close, Coffee, Networking
Speakers & Bio
Jan Ziskasen
Jan is an accomplished Technology Executive whose experience across large-scale systems and technology transformations and operations has taken him around the world. Jan’s overarching leadership philosophy is to transform people’s lives.
He has recently returned to Europe after several years serving as the CTO at Kraft Foods in the United States. Jan holds a number of global board positions. In his current role as CEO of Faroese Telecom, his vision is to create the best connected country in the world.
Dirk De Maeseneer
Dirk is a leading business litigator in Belgium. He specialises in the areas of fraud, counterfeiting, environmental and other forms of white-collar crime, in addition to long-term expertise in liability, commercial and corporate litigation and criminal law.
He also advises on risk insurance management matters in due diligence procedures. He assists and represents clients in a wide range of often complex and cross-border litigation and ADR matters, and is a member of the Anti-Fraud Network.
Frank Staelens
Partner Risk Analytics
Moore Stephens (Belgium)
Frank’s experience includes leading third party forensic practices, serving as the Managing Director of a predictive analytics boutique firm, a compliance officer of a tier 1 bank, and working in law enforcement as a police officer with the Serious Fraud Office in Belgium.
He has developed both third party compliance and fraud risk predictive solutions for the European Commission. Frank is a Certified Fraud Examiner, a Registered Forensic Auditor, and is also the President of the European Institute of Fraud Auditors.
Chris Johnston
Vice President of Sales EMEA (GRC)
Chris was one of the first people to be certified as a GRC Professional by the OCEG and is frequently asked to speak at domain events.
He believes that well-managed GRC is becoming less of an ‘option’ for companies and that it is becoming accepted as a sound strategic decision. Chris has responsibility at SAP for growing the GRC business in Europe, Middle East and Africa. He is focused on helping organisations optimise their processes, policies and practices by leveraging SAP Solutions.
Mark Gleeson
Browne Jacobson LLP
Mark most recently led the UK data privacy practice at the international law firm Squire Patton Boggs. He has advised a number of clients on the impact to their organisations of the General Data Protection Regulation (GDPR) and the Network and Information Security Directive (NIS).
He is an expert panel member for DataGuidance, the global on-line data privacy compliance resource and is a member of the editorial board of the Journal of Data Protection and Privacy. He specialises in data protection, privacy, cyber-security and freedom of information and has held a number of senior in-house data protection roles.
Lorenzo Squellati
Velocity Technology Solutions
Lorenzo has a broad range of experience in IT Operations, Infrastructure Management and professional services through an extensive career within the SAP Ecosystem.
He is currently the head of Cloud Services for Europe Middle East and Africa at Velocity Technology Solutions, having previously worked for SAP America within its hosting team, as well as AT&T. Lorenzo has an innate ability to communicate at all levels on the value of moving enterprise applications to the Cloud, and on how that data can and needs to be safely processed and protected.
Dr. Neil Patrick
Director GRC Centre of Excellence EMEA
Neil is passionate about GRC and Security. He has been a managing consultant, has run professional services delivery teams in the UK and USA, and conducted requirements and business analysis sessions around the world.
Neil’s depth of knowledge makes him a regular presenter at events, conferences and briefing sessions. He links the SAP Analytics/GRC global vision into EMEA execution plans, engaging and working closely with regional and local teams.
Andrew Sawyer
Director of Analytics EMEA
Winterhawk Consulting LTD
Andrew is an experienced and passionate professional whose extensive SAP background includes GRC and Security, Basis, Data Management and a breadth of wider and successful SAP Project Implementations.
Prior to joining Winterhawk, he led Mondelez International’s (formerly Kraft Foods / Cadburys) SAP Security Project and Governance teams. Andrew is currently responsible for the development of new sector-specific and cross-industry Fraud Management content.
Charles Braswell
Managing Partner Americas
Winterhawk Consulting LLC
Charles has a wealth of experience implementing and upgrading financial and compliance software products, deploying SAP, and designing comprehensive custom control monitoring solutions.
Prior to founding Winterhawk Americas, Charles was the Partner in charge of the GRC practice at Sunera LLC in the United States, and also delivered risk-based SAP services for the South East Region of KPMG’s Information Risk Management practice.
Paul Hammersley
Vice President Landscape and Data Services
In his role at EPI-USE Labs, which includes landscape optimisations, Paul has led a significant number of data management anonymisation projects and SAP migrations across the globe.
His outstanding technical knowledge and data management expertise provide an added depth to his presentations. In his fifteen years of working with SAP applications, he has also helped customers design and refine their enterprise landscapes.
Synopsis of talks
Chris Johnston – Introduction
Chris will be kicking-off the event with his views on today’s landscape of Fraud and Cyber-Attacks.
- Trends that are dramatically reshaping the economy
- Digital Transformation – Consequences of the Mega Trends
- Enterprise Risk v Rewards
Jan Ziskasen – Technology Trends
Jan has lived and breathed technology over several decades and across multiple continents.
- A journey through the evolution of technology, from the beginning of the computer age to the present day and beyond.
- Expect some lively and highly interactive elements!
Frank Staelens – How to Assess Compliance & Remain Compliant
More regulations, stronger regulators, more regulated countries and more regulated sectors. Over a 30-year career in risk, compliance and forensic audits, Frank has seen most things.
- Technology drivers
- Remaining compliant, in today’s complex business environments
- Remaining compliant, in tomorrow’s complex business environments!
Dr. Neil Patrick – Fraud & Cyber Detection and Prevention by SAP
With ever-increasing instances of cyber-crime being reported, Neil will be showcasing the very latest detection strategies and capabilities from SAP Fraud Management.
- Fraud Types
- Complacency, Trends
- Vertical Specialisations
- Detection Strategies
- Adaptive Learning
Andrew Sawyer & Frank Staelens – Combatting Fraud & Building a GRC Business Case
Andrew and Frank will be discussing the many challenges around detection of both Fraud and Cyber Attacks.
- Looking at Fraud detection patterns
- Real time payment monitoring
- How organisations can build a robust business case for GRC solutions with quantifiable ROI
Lorenzo Squellati – The Evolution of Cloud Computing
Cloud is a relatively new term, or is it? Lorenzo will share his thoughts, highlighting both benefits and pitfalls of companies moving “to the cloud.”
Roadmap to the Cloud
- How do we choose between Private, Public and Hybrid Cloud?
- When is the best time to move to the Cloud?
- Sharing Case Studies
Andrew Sawyer & Charles Braswell – Protecting your organisation – its Brand, Data & Assets
What’s been the tangible impact to organisations who have been hacked or lost data? Andrew & Charles will provide both European and American perspectives.
What are the Building Blocks to successful Governance, to safeguarding your systems and your company’s reputation?
- Are your systems protected from outside attacks?
- What more could you do?
Paul Hammersley – Understanding GDPR
Businesses have less than two years to prepare for the changes that will come with the introduction of GDPR. Paul will be setting the scene for the afternoon’s focus on GDPR.
- GDPR background
- How it came about
- Timing and requirements
- How can organisations best prepare?
Dirk De Maeseneer – Liability & Penalties in GDPR
Hackers stole information associated with at least 500 million Yahoo user accounts. This data breach is the largest discovered in the history of the Internet, yet it was only publicly disclosed by Yahoo two years after the fact. In recent weeks, TalkTalk has been fined by the ICO for security failings, allowing a cyber-attacker to access customer data “with ease”.
- Dirk will be providing a European perspective on GDPR and the latest news headlines.
- Looking in-depth at the reporting of data losses and the potential for fines.
Mark Gleeson – Post Brexit – UK Legal Perspectives
Brexit has happened; well, it seems it’s going to happen, but quite when – we’ll have to wait and see. Mark will consider the implications for UK-based organisations from a GDPR perspective, those with and without international business.
- Has Brexit actually changed anything?
- Can we all breathe a sigh of relief?