How to manage conflict of interest in regard to new contractual agreements? DORA definition: "Before entering into a contractual arrangement on the use of ICT services, financial entities shall: (e) identify and assess conflicts of interest that the contractual arrangement may cause."

2.1k views1 Comment

Sort by:

Engineering Manager2 years ago

Managing conflicts of interest in new contractual agreements requires a multi-faceted approach. To begin with, it is crucial to develop robust security and GRC policies and integrate conflict of interest assessments into risk evaluations. Additionally, implementing automated monitoring tools can help to monitor any disputes effectively. Forming a Security Oversight Committee is also recommended to review any potential conflicts. It is essential to assess the impact of conflicts on security and compliance to tailor proactive security measures.
Furthermore, it is advisable to document decisions and provide specialized security awareness training for employees. Regularly auditing security measures ensures sustained compliance and builds trust with stakeholders. This approach effectively manages conflicts of interest in new contractual agreements.

Content you might like

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Do you plan to buy cyber insurance in the next year?

Yes42%

No, we don't have plans to37%

No, we already have cyber insurance19%

View Results

I am looking for a practical risk management framework to implement in ServiceNow IRM(GRC). Our specific goal is to use an existing set of cyber security risks. Any pointers will be much appreciated.

How long does your organization retain original systems logs used to filter SOX-related actions into a system that requires review of the logs and retains the filtered logs for seven years? Does your organization consider those original system logs records subject to record retention requirements, or supporting information used to create the SOX records?

90 Days12%

365 Days41%

3 years29%

5 years9%

7 years9%

Other (share in the comments)

View Results

How to manage conflict of interest in regard to new contractual agreements? DORA definition: "Before entering into a contractual arrangement on the use of ICT services, financial entities shall: (e) identify and assess conflicts of interest that the contractual arrangement may cause."

Sort by:

Content you might like

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Do you plan to buy cyber insurance in the next year?

I am looking for a practical risk management framework to implement in ServiceNow IRM(GRC). Our specific goal is to use an existing set of cyber security risks. Any pointers will be much appreciated.

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go