So you hired some risk managers and they drafted up a governance structure and implemented all of the regulations, along with compliance dashboards, process documentation and test plans. But did any of that make your company more secure? Yes, you (think you) can see which departments comply with which rules, and can take action by asking teams to step up their game, but does that really help? Do risk management and cyber security live in the hearts of your employees? Do they understand the regulations, or do they go through the motions just to be left alone? Do they care about their score on that dashboard?
One of the problems with risk management, especially in larger companies, is how to get your employees on board. You can explain risk management till you are blue in the face, but unless your employees understand their role in it and how they can contribute, it is not going to take off. In this talk I’ll explain how we dealt with this challenge. It started as a local initiative to make DevOps engineers more risk aware, because it was no longer possible to have risk management check everything they wanted to put in production. It grew into a full-fledged cross-border Risk Awareness Program for both IT and Business employees, apart and together, with practical learning and working to eliminate real risk issues. A story that could benefit a lot of other companies too.
Speaker: Jan Joost Bouwman
Jan-Joost stumbled into IT almost 20 years ago, starting on a temp job for 5 days that lasted 7 years. During those years he has been mostly on the functional/process side of things, having worked as tester, designer, information analyst, project manager, application manager, change manager and currently as process owner of the ITIL change management process at ING.
He is also the self-appointed DevOps evangelist and community leader there, trying to help his co-workers to make the transition to DevOps and Continuous Delivery and have fun with it at the same time!
In his spare time he enjoys travelling the world to watch birds, or cooking, but rarely at the same time.
CPE (PE points)
1 CPE