09 - 11 March, 2020
| Sir Stamford Circular Quay, Sydney, NSW
Pre-Conference Workshops: Monday, 9th March 2020
Workshops A
9:00 am - 11:00 am
Practically Understand how to Use the FAIR Methodology to Quantify Risks and Enable Effective Decision Making from Business Leaders
Michael Collins -
General Manager Information Security,
HESTA
FAIR is an internationally recognised standard for risk quantification, adopted by more than 5,000 security and risk professionals and is a moment that is growing rapidly within the industry. This methodology provides a structured, defensible and reputable model for risk quantification that moves beyond the traditional compliance-based approach.
In this workshop, you will be guided on how to practically use the FAIR methodology within your organisation, to best quantify risks and gain executive buy in. A must attend for any risk professional who is struggling to communicate the effects of risk implications in financial terms to enable effective decision making from business leaders!
In this workshop you will learn to:
- Bridge the gap between the information risk model and the overall business plan
- Provide a model for understanding, analysing and quantifying cyber risk in financial terms
- Translating cyber risk into the language of the business
- Deliver meaningful measurements to make effective comparisons and well-informed business decisions
Workshops B
11:30 am - 1:30 pm
Uplifting Technology Risk Management Through Improved Communication, Ownership and Customer Experience
Amy Woolf -
Risk Operations Principal, Networks & IT,
Telstra
In this masterclass, Amy will identify key ways to successfully ensure that technical risks can be used to help an organisation effectively manage their end-to-end risk profile. She will examine how technical SMEs can describe risk in a way that is meaningful for Business Executives and identify the key factors that both groups have a shared interest in, including customer experience metrics, Processing speed and security over customer data, to support strong communication channels.
In this workshop you will learn:
- What are the key factors that will support a strong basis for communication?
- Making the connection between technical risks and the impact they can have to the products and services of an organisation
- How can customer facing processes consider known technical risks so that there isn’t a disconnect between what is promised externally and what can be delivered?
- How can a technical risk register influence an operational risk register e.g. technical risks impacting processing volumes / process effectiveness? Is it shared metrics / shared language?
