The workshop is a four-hour session with key stakeholders within the organization. Iceberg subject matter experts (SMEs) conduct short interviews prior to the workshop itself, and then facilitate a group discussion. The workshop is broken up into the following sections:
- Review the organization’s key business goals
- Review each stakeholder’s key business and/or security objectives
- Develop a list of priorities based on the above points and discuss the overall vision
- Review the GRC Solution from a high level to provide context to the possibilities
- Establish prioritized use cases and metrics
- Summarize next steps and action plan
SMEs are able to provide comparative comment to organizations of similar size and complexity when defining goals and objectives, and to suggest best practices within the industry.
Within the two weeks after the workshop, Iceberg prepares an initial draft of the deliverables. After feedback and input from participants, a final set of deliverables is prepared and presented to the customer.
- Creates an understanding of the organization’s key business goals and objectives as they relate to the GRC solution, and creates the organizational alignment required to achieve these
- All participants gain a better appreciation of the objectives of their peers, and the way in which requirements may (or may not) be
- Develops a group consensus on key priorities and business drivers for the GRC solution that help determine the order and timetable for individual use case
- Risk Management is the core strength of Iceberg’s management consulting services. Iceberg’s professional services team includes certified security and risk experts, in addition to GRC product subject matter.
- A high level, graphical, road map diagram of the key objectives of the solution roll out, the key areas impacted, and the prioritized order of operations to accomplish the short and long term business
- An executive presentation slide deck that outlines both macro goals of the program as well as the individual (micro) steps that are recommended for the organization to
- One page summaries of the initial justifiable work packages defined in the session that moves the organization towards the defined end
Without a plan and road map, successful GRC application development can be very challenging. Iceberg’s Visioning & Alignment Workshop helps chart the proper course and recommends the starting point for an effective program. The resulting solution becomes the executive dashboard that any organization can leverage to make effective, informed business decisions.
“This easily could be the most productive and worthwhile workshop that my team and I have ever participated in. It provided the representatives of the different government ministries with a good appreciation of the value of our GRC investments, and future value for the government. Every large organization should seriously consider leveraging this workshop.”
CISO, Provincial Government