introduction to change introduction to change management
play

Introduction to Change Introduction to Change Management - PowerPoint PPT Presentation

Jan 12, 2024 •461 likes •835 views

San Francisco Chapter San Francisco Chapter Introduction to Change Introduction to Change Management Management Tuesday, September 23, 2008 Mark Lundin Steve Owyoung Partner Manager KPMG LLP, IT Advisory KPMG LLP, IT

  1. San Francisco Chapter San Francisco Chapter Introduction to Change Introduction to Change Management Management Tuesday, September 23, 2008 Mark Lundin Steve Owyoung Partner Manager KPMG LLP, IT Advisory KPMG LLP, IT Advisory

  2. Discussion Discussion topics topics  Why change management and its significance  Types of changes in production environment  Change management controls  Impact of weak change management control  Integrity management  Change management leading practices  Software Development Life Cycle (SDLC) 2 San Francisco Chapter San Francisco Chapter

  3. Why change management Why change management 
 and its significance? and its significance? Why change management 1 and its significance? Types of changes in 2 production environment Change 3 management controls Impact of Organization 4 weak change control Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 3 San Francisco Chapter San Francisco Chapter

  4. Why change management Why change management 
 and its significance? and its significance?  The total fraud losses in the United States Why change management 1 to be $660 billion a year and its significance?  Off all the computer crimes reported Types of changes in 2 production environment Women 32% Change 3 Minorities 43% management controls Ages 21-35 67% Impact of 4 weak change 75% - control Computer fraud 90% Integrity 5 management 31% Change 18% Programmers Others management Application 6 computer crime 14% leading Clerical committed by Users Students practices 12% former or current Managers employees 11% Software (knowledgeable 7 Development Occupation insiders) Life Cycle Source: Association of Certified Fraud Examiners and National Center For Computer Crime 4 San Francisco Chapter San Francisco Chapter

  5. Why Change Management Why Change Management 
 and its significance? and its significance?  Change management – it is Why change management 1 and its significant because it helps an significance? organization to be efficient Types of changes in 2 production environment Change 3 management Adapting to change Controlling change Effecting change controls Impact of 4 weak change control Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 5 San Francisco Chapter San Francisco Chapter

  6. Types of changes Types of changes 
 Changes in production environment Changes in production environment Why change management 1 and its significance? Internet Types of changes in 2 production environment Change 3 management Network controls Equipment Impact of 4 weak change control Integrity 5 management Change management 6 leading practices Software 7 Development Physical Control Life Cycle 6 San Francisco Chapter San Francisco Chapter

  7. Types of changes 
 Types of changes OS changes (Host) OS changes (Host) Why change  Applying OS patches Applying OS patches management 1 and its ◦ OS vendor recommendation significance? Types of ◦ Opening/closing OS services changes in 2 production  Re-imaging Re-imaging environment Change ◦ As a backup plan when an OS update didn’t 3 management controls go as planned Impact of 4 weak change ◦ As part of major/minor/emergency control application changes Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 7 San Francisco Chapter San Francisco Chapter

  8. Types of changes Types of changes 
 Network changes Network changes Why change  Software changes Software changes management 1 and its ◦ Deploying OS significance? ◦ Patching OS Types of changes in 2  Configuration Changes Configuration Changes production environment ◦ Updating firewall, router, switch Change 3 management configuration controls Impact of  Hardware changes Hardware changes 4 weak change control ◦ Adding/removing of network equipment Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 8 San Francisco Chapter San Francisco Chapter

  9. Types of changes 
 Types of changes Application changes Application changes Why change  Company specific application change Company specific application change management 1 and its ◦ Major, minor and emergency changes significance? Types of  Database changes Database changes changes in 2 production ◦ Schema changes environment Change ◦ Database upgrades (version upgrade) 3 management controls Impact of 4 weak change control Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 9 San Francisco Chapter San Francisco Chapter

  10. Types of changes Types of changes 
 Physical access change Physical access change Why change  Physical access to datacenter Physical access to datacenter management 1 and its ◦ Preventing root level access through a significance? Types of system console changes in 2 production ◦ Deactivating terminated employee’s physical environment access Change 3 management ◦ Deactivating temporary physical access controls Impact of 4 weak change control Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 10 San Francisco Chapter San Francisco Chapter

  11. Types of changes Types of changes 
 Logical access change Logical access change Why change  OS Access Change OS Access Change management 1 and its ◦ privileged access to production/mission significance? critical server Types of changes in 2 production  Application Access Change Application Access Change environment ◦ privileged access to production/mission Change 3 management critical application controls Impact of 4  Network Access Change Network Access Change weak change control Integrity ◦ privileged access to network equipment 5 management Change management 6 leading practices Software 7 Development Life Cycle 11 San Francisco Chapter San Francisco Chapter

  12. Change management controls Change management controls 
 Planned/routing maintenance changes procedure and controls Planned/routing maintenance changes procedure and controls Why change management 1 and its significance? Types of changes in 2 production environment Change 3 management controls Impact of 4 weak change control Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 12 San Francisco Chapter San Francisco Chapter

  13. Change management controls Change management controls 
 Emergency/System Recovery change procedure and controls Emergency/System Recovery change procedure and controls Why change management 1 and its significance? Types of changes in 2 production environment Change 3 management controls Impact of 4 weak change control Integrity 5 management Change management 6 leading practices 13 San Francisco Chapter San Francisco Chapter

  14. Impact of weak change controls Impact of weak change controls Why change  Potential for system outages system outages management 1 and its  Prone to unplanned unplanned, unauthorized unauthorized and significance? Types of undocumented undocumented changes changes in 2 production ◦ Unauthorized and undocumented changes environment Change  Causes unexplained additional problems or 3 management outages controls  Causes unplanned changes as problems are Impact of weak 4 change control troublesome to resolve due to the prior undocumented changes Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 14 San Francisco Chapter San Francisco Chapter

  15. Impact of weak change controls Impact of weak change controls Why change  Prone to system attack Prone to system attack – example denial of management 1 services and its significance?  Misuse of resource Misuse of resource Types of changes in 2 ◦ Unplanned work production environment ◦ Creates monetary loss Change 3 management  Causes legal implication Causes legal implication controls ◦ Due to the exposure of sensitive customer data Impact of weak 4 change control ◦ Due to system unavailability to customers  Losing a customer/ business Losing a customer/ business Integrity 5 management Change management 6 leading practices Software 7 Development Life Cycle 15 San Francisco Chapter San Francisco Chapter

  16. Integrity management Integrity management – Preventing, – Preventing, detecting and responding to changes in production systems detecting and responding to changes in production systems  Prevention Prevention Why change management 1 and its ◦ Restrict logical access significance? Types of  Firewall, IDS, OS and Application changes in 2 ◦ Unnecessary services production environment  Disable at the servers Change 3 management  Block by the firewalls controls Impact of ◦ Restrict physical access 4 weak change control  Restrict physical access that houses critical systems to ONLY authorized employees Integrity 5 management  Perform periodic physical access reviews Change management 6 leading practices Software 7 Development Life Cycle 16 San Francisco Chapter San Francisco Chapter

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Change Management Change Management Change Management Appreciate the balance within Change

Change Management Change Management Change Management Appreciate the balance within Change

Slide 2 Purpose of this Session Objectives Understanding of Change Management principles within RBS Understand why CM is important / necessary Change Management Change Management Change Management Appreciate the balance within

249 views • 4 slides
In Need of Change Management sheridancollege.ca Introduction Meet your Presenters Kevin

In Need of Change Management sheridancollege.ca Introduction Meet your Presenters Kevin

Welcome In Need of Change Management sheridancollege.ca Introduction Meet your Presenters Kevin Dickieson Change Management What Happened? Ryan Green CM System Waldo Calderon CAB Our story about how we got involved in

865 views • 35 slides
Faster Safer Compliant Management of your NetSuite Account Home Introduction 1. Management

Faster Safer Compliant Management of your NetSuite Account Home Introduction 1. Management

Faster Safer Compliant Management of your NetSuite Account Home Introduction 1. Management Policies and Procedures 2. Documentation ERD and Customization Record 3. Change Management 4. Impact Analysis 5. Change Tracking 6.

546 views • 41 slides
10/9/19 Change is Hard! Change Management Principles to Make Hard Changes Simpler. Key

10/9/19 Change is Hard! Change Management Principles to Make Hard Changes Simpler. Key

10/9/19 Change is Hard! Change Management Principles to Make Hard Changes Simpler. Key Take-Aways Change is really, really hard. But, there are ways to simplify the process. Effective change management takes time, commitment, trust

400 views • 10 slides
Barriers to Policy Change: Seeking insights from the introduction of Barriers to Policy Change:

Barriers to Policy Change: Seeking insights from the introduction of Barriers to Policy Change:

Barriers to Policy Change: Seeking insights from the introduction of Barriers to Policy Change: Seeking insights from the introduction of paediatric Artemether-Lumefantrine in Sub Saharan Africa ASTMH Symposium y p Friday 5 Th November, 2010,

570 views • 22 slides
LABOR & MANAGEMENT NAVIGATE CHANGE IN WHY A PERFECT STORM? A PERFECT TIME FOR CHANGE

LABOR & MANAGEMENT NAVIGATE CHANGE IN WHY A PERFECT STORM? A PERFECT TIME FOR CHANGE

LABOR & MANAGEMENT NAVIGATE CHANGE IN WHY A PERFECT STORM? A PERFECT TIME FOR CHANGE STRONG HAND ON THE WHEEL IS EXPECTED CHANGE OF COURSE IS MANDATORY RESISTANCE TO CHANGE IS AT ITS LOWEST THE GREATEST LEADERSHIP TEST IN A

702 views • 38 slides
Module 13 Positive Change Management Module 13: Positive Change Management 1 Objectives

Module 13 Positive Change Management Module 13: Positive Change Management 1 Objectives

As we learned in Module 12, our stakeholders and their needs can change over time. In fact, our jobs and priorities change over time. The next Module examines how we as leaders support and guide change when it comes our way. 0 Module 13

730 views • 15 slides
Change Management Board Meeting March 19, 2008 Change Management Board Meeting 1 Welcome and

Change Management Board Meeting March 19, 2008 Change Management Board Meeting 1 Welcome and

Change Management Board Meeting March 19, 2008 Change Management Board Meeting 1 Welcome and Introductions Steve Corbin, CMB Chairman March 19, 2008 Change Management Board Meeting 2 Change Management Board Time Item Lead Supporting

922 views • 81 slides
Coastal climate change impacts - mapping coastal hazard areas Introduction Qld has a long

Coastal climate change impacts - mapping coastal hazard areas Introduction Qld has a long

Coastal climate change impacts - mapping coastal hazard areas Introduction Qld has a long history of coastal specific legislation and policy since 1968 Management of coastal hazards is a key focus Climate change and specifically

522 views • 23 slides
Climate Change in the West Kootenay Trends and Projections Overview Introduction to climate

Climate Change in the West Kootenay Trends and Projections Overview Introduction to climate

Climate Change in the West Kootenay Trends and Projections Overview Introduction to climate science Climate change over the last century Projections of future climate Probability based risk management Probability of The Bell Curve

624 views • 60 slides
CHANGE MANAGEMENT Change management is a structured approach to transitioning individuals, teams,

CHANGE MANAGEMENT Change management is a structured approach to transitioning individuals, teams,

A GREAT IDEA WONT MATTER IF YOU CANT CARRY IT THROUGH A presentation by Mark Casey MJ Casey Consulting details on last slide. CHANGE MANAGEMENT Change management is a structured approach to transitioning individuals, teams, and

283 views • 27 slides
CHANGE MANAGEMENT Overseeing and Empowering How to Achieve Balance ? Problem

CHANGE MANAGEMENT Overseeing and Empowering How to Achieve Balance ? Problem

CHANGE MANAGEMENT Overseeing and Empowering How to Achieve Balance ? Problem Statement Change management is not visible to regulatory assessors Change management is part of the PQS and the process is not necessarily

486 views • 9 slides
Emmanuel Agu MIT Epidemiological Change Introduction Ref: A. Madan , Social sensing for

Emmanuel Agu MIT Epidemiological Change Introduction Ref: A. Madan , Social sensing for

Mobile and Ubiquitous Computing on Smartphones Chapter 8b: Smartphone Sensing Emmanuel Agu MIT Epidemiological Change Introduction Ref: A. Madan , Social sensing for epidemiological behavior change, in Proc Ubicomp 2010 Epidemiology: The study

1.41k views • 50 slides
ART OF CHANGE 21 PRSENTATION 2 ART OF CHANGE 21 ABOUT US Art of Change 21 works in the field

ART OF CHANGE 21 PRSENTATION 2 ART OF CHANGE 21 ABOUT US Art of Change 21 works in the field

ART OF CHANGE 21 PRSENTATION 2 ART OF CHANGE 21 ABOUT US Art of Change 21 works in the field of sustainable development and art and the interlinkages between art, social entrepreneurs and the youth. Art of Change 21 started its activities

302 views • 13 slides
SPOR Communications and Change Management Progress update for EUNDB & SPOR TF Presented by:

SPOR Communications and Change Management Progress update for EUNDB & SPOR TF Presented by:

SPOR Communications and Change Management Progress update for EUNDB & SPOR TF Presented by: Agnieszka Laka SPOR Change Team An agency of the European Union Change management workstream The change management workstream is focusing on two key

381 views • 23 slides
Urological cancers why we need to change Clinical workshop 12 March 2013 Introduction

Urological cancers why we need to change Clinical workshop 12 March 2013 Introduction

Urological cancers why we need to change Clinical workshop 12 March 2013 Introduction and welcome Todays event aims to cover: 1. London Cancers recommendations for Professor Kathy Pritchard-Jones change Chief Medical Officer,

368 views • 23 slides
WITHIN AN SDM SYSTEM Matthias Bchse, M. Thiele, H. Mllerschn SCALE GmbH, Germany Agenda

WITHIN AN SDM SYSTEM Matthias Bchse, M. Thiele, H. Mllerschn SCALE GmbH, Germany Agenda

NEW DEVELOPMENTS ON COMPRESSION AND TRANSFER OF SIMULATION DATA WITHIN AN SDM SYSTEM Matthias Bchse, M. Thiele, H. Mllerschn SCALE GmbH, Germany Agenda Company and Products - Brief Introduction Motivation for Data Compression

579 views • 18 slides
Dr. Oscar Moreno, Manager and Founder, moreno@nic.pr David Soltero-Lugo, david@nic.pr Pedro

Dr. Oscar Moreno, Manager and Founder, moreno@nic.pr David Soltero-Lugo, david@nic.pr Pedro

Dr. Oscar Moreno, Manager and Founder, moreno@nic.pr David Soltero-Lugo, david@nic.pr Pedro Campos, pedro@nic.pr Why was NIC.PR interested in Implementing DNSSEC? NIC.PR is a Research Laboratory involved in various research projects that

395 views • 15 slides
Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and

Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and

Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and Source Code in C , 2nd. Edition, Bruce Schneier, John Wiley & Sons, Inc. Outline Cryptographic Protocols Introduction Introduction

759 views • 45 slides
for new PSHE leads Celebration event Health Improvement Team Meet the Health Improvement team

for new PSHE leads Celebration event Health Improvement Team Meet the Health Improvement team

Induction meeting Health Partnership for new PSHE leads Celebration event Health Improvement Team Meet the Health Improvement team Claire Meade Stacey Payne Nicole McGregor Mubina Asaria Jina Burrows Karen Gibson RSE & PSHE Mental

921 views • 63 slides
SCADA Testbed for Vulnerability Assessments, Penetration Testing and Incident Forensics Sundar

SCADA Testbed for Vulnerability Assessments, Penetration Testing and Incident Forensics Sundar

SCADA Testbed for Vulnerability Assessments, Penetration Testing and Incident Forensics Sundar Krishnan & Dr. Mingkui Wei Department of Computer Science Sam Houston State University, Huntsville, Texas ISDFS 2019 SC SCADA Ov Overv

635 views • 22 slides
Mission Critical Security for your Mission Critical Applications Bringing NonS top to the

Mission Critical Security for your Mission Critical Applications Bringing NonS top to the

Mission Critical Security for your Mission Critical Applications Bringing NonS top to the Enterprise and the Enterprise to NonS top About XYPRO 29 years serving the HP NonS top community S pecialists in Mission

448 views • 19 slides
Towards a compliance audit of SLAs for data replication in Cloud storage J. Leneutre B.

Towards a compliance audit of SLAs for data replication in Cloud storage J. Leneutre B.

Towards a compliance audit of SLAs for data replication in Cloud storage J. Leneutre B. Djebaili, C. Kiennert, J. Leneutre, L. Chen, Data Integrity and Availability Verification Game in Untrusted Cloud Storage, Conference on Decision and Game

484 views • 33 slides
Implementation and Evaluation of a NAT-Gateway for the General Internet Signaling Transport

Implementation and Evaluation of a NAT-Gateway for the General Internet Signaling Transport

Implementation and Evaluation of a NAT-Gateway for the General Internet Signaling Transport Protocol Roland Bless and Martin Rhricht Institute of Telematics, Department of Computer Science KIT University of the State of Baden-Wuerttemberg

345 views • 15 slides

More recommend