Track V: Managing Risk & Compliance II
Moderator:
What Does The Auditor Want To See? (I)
09.05.2007 11:00-12:00
IT Compliance and Auditing
What exactly do auditors expect from corporate IT? Which measures will help the company to achieve a clean bill of health from their assessor? This German-language panel will provide practical suggestions and insights into the way auditors assess IT security and compliance issues.
What Does The Auditor Want To See? II
09.05.2007 12:00-13:00
IT and Basel II: Is IT Security already a rating factor?
With Basel II, banks and other financial services are required to examine all possible risk factors before granting loans to companies and organizations. In theory, at least, these include IT security and IT compliance. However, most banks lack qualified personnel to perform such checks. What must banks do to make sure they aren't overlooking important risks? How can companies increase their creditworthiness by investing in IT security and identity management?
Legal Issues for Identity Federation
09.05.2007 14:00-15:00
Legal framework for identity federation in Germany and Europe
This German-language presentation will cover the major regulatory systems and give a preview of possible new and stricter rules and laws being prepared by the German federal government and by the EU.
Outsourcing
09.05.2007 15:00-16:00
Compliance & IT Outsourcing
How do you remain compliant if your IT is suddenly being run in Bangalore? What are the issues in cross-border projects? Which best practices should companies follow in choosing an outsourcing partner? What are the threats, the opportunities?
Entitlement Management
09.05.2007 16:30-17:30
Enterprise Entitlement Management - Simplifying Management of Complex Authorization Policies
Entitlement is one of many new buzzwords in the identity field, promising to offer the next layer of protection for applications in an Internet environment with much more fine-grained security through enterprise entitlement management, or EEM. KCP believes that the industry is heading toward implementing centralized services that are able to process complex and lengthy decisions so a business application doesn't have to incorporate all this internally. EEM can automate such tasks as policy administration, decision and enforcement, and vendors are following widely different approaches ranging from federation-based models to the use of open standards. IT security worries and the business needs for next-generation provisioning systems are among the key drivers to be discussed in this panel, along with compliance requirements and process definitions.
