Regulatory compliance for corporations isn't new, though it has become a popular topic and, sometimes, the subject of intense media coverage. In the end, it's really all about risk, and how your business manages it. Cindy Sterling, a director of BMC Software's Identity Management business unit, can provide the "411" on risk management. She takes you through the definitions, critical points, and key steps so that you can better understand risk management for your IT organization. And, if you'd like to see how best practice standards like CobIT map back to business service management, she gives you a visual reference so you can correlate the control objectives to your service-level objectives.
First, you have to think of risk management as a business issue, not just an IT issue. How important is it to you? What are you trying to accomplish? You must understand that there are internal and external drivers for risk. Which ones do you focus on first, and why? What is the most important risk to your business right now that you may have not considered? Advises Cindy, everything about your risk management process should deliver value back to the organization, or you'll "risk" just wasting your time.
Cindy Sterling is a director at BMC Software, Inc. Since joining BMC in 1993, Cindy has held several executive positions including director of operations for field marketing for the Americas covering five business units, director of North American technical services for security management solutions, and worldwide director of product marketing and business development for identity management solutions. The flagship product of her business unit is BMC Identity Management Suite, the most successfully deployed solution in the market today, covering directory management and vsualization, user administration and provisioning, audit and compliance management, access management, and password management.
Prior to 1993, Cindy held several professional and management positions at American United Life Insurance Company. At AUL, her career activities included automating the company’s data center, which included deployment of several BMC Software solutions. Cindy holds a Bachelor of Science in Mathematics degree from Taylor University.