2019 Flyer Advisory RZ - KuppingerCole...known NIST-areas, making it the premium toolset for fast...
Transcript of 2019 Flyer Advisory RZ - KuppingerCole...known NIST-areas, making it the premium toolset for fast...
KEY AREAS FROM ANALYSIS TO COMPLETION KuppingerCole Analysts‘ Advisory Services comprise four well-integrated focus areas, which together provide a comprehensive range of services desig-ned to assistyou in meeting your requirements and achieving your goals.
� BENCHMARK & OPTIMIZATION
� STRATEGY SUPPORT
� ARCHITECTURE & TECHNOLOGY SUPPORT
� PROJECT GUIDANCE
KUPPINGERCOLE ANALYSTS ADVISORY SERVICES COMPREHENSIVE KNOWLEDGE THROUGH CUR-RENT RESEARCH, A GLOBAL VIEW THROUGH INTERNATIONAL POSITIONING, INTENSE BUT NEUTRAL COMMUNICATION WITH ALL MARKET PARTICIPANTS AND STANDARDIZED WORKING PRACTICES IN LINE WITH EXTENSIVE EXPERIENCE: THIS DEFINES KUPPINGERCOLE ANALYSTS‘ ADVISORY SERVICES.
KuppingerCole is an independent analyst company that provides advisory services with a focused strategy. Our core competence are lean, efficient advisory projects with a well-proven approach.
Our advisory clients benefit from the expertise of an experienced and demonstrably successful ana-lyst company. On this foundation, we support you in identifying and defining strategic solutions for your challenges, which include:
� Improve market position
� Increase security levels and minimize business risks
� Establish new business models
� Increase efficiency and reduce infrastructure costs
� Establish a safe and compliant cloud strategy
� Achieve a sustainable and compliant approach to regulatory requirements
KuppingerCole Analysts are your trusted advisors to ensure your competitiveness and increase your potential.
6© 2019 KUPPINGERCOLE ANALYSTS AG5 © 2019 KUPPINGERCOLE ANALYSTS AG
KUPPINGERCOLE ANALYSTS ENDUSER ADVISORY-PRODUCTS
REGULATORY COMPLIANCE
ARCHITECTURE DESIGN & REVIEW
BUSINESS REQUIREMENTS
& VALUE
VAIT CIAMTECHNO-
LOGY ROADMAP
BAIT CYBER SECURITY
IT GOVERNANCE
ROADMAP
PSD2 IAM STRATEGIC DEVELOPEMENT
GDPR PROCESS MATURITY
BENCH- MARKING
BEST PRACTICES IAM PROCESSES
STRATEGY REVIEW
MATURING & OPTIMIZATION
VENDOR SELECTION &
CHOICE OF TOOLS
SPOTCHECKS
OPERATIONAL EFFICIENCY
CLOUD RISK &
CONTROLS MATRIX
ARCHITECTURE BLUEPRINT
MONITORING
PROCESS FRAMEWORKS
INVESTMENT ROADMAP
A clear understanding of the scope and maturity of the defined processes, of the implemented systems and the IAM organization
A well thought-out strategy provides conclusive answers to future chal-lenges and thus helps to significantly shorten decision-making processes
A clear and consistent vision guiding in the development of IT archi-tectures and the selection of technologies, suppliers and products
Support in implementation projects by neutral assessment of the status or by project management on behalf of the client
8© 2019 KUPPINGERCOLE ANALYSTS AG7 © 2019 KUPPINGERCOLE ANALYSTS AG
step one
step two
step three
step four
step five
EVALUATION AND FURTHER DEVELOPMENT
Analysis of the status quo
Identification of potential for improvement and
strategic advancement
Future-proof
ASSISTANCE IN DEFINING
LONG-TERM BUSINESS BENEFIT
Business Value on qualitative level
Quantitative evaluation
SUPPORT IN ARCHITECTURAL
DESIGN
Capabilities
Building blocks
Technological Roadmap
SUPPORT WITH THE SELECTION OF
SUPPLIERS AND TOOLS
Standardized approach, from requirements’
definition to Rfl and PoC
COACHING IN SUBSEQUENT DEPLOYMENT
PHASES
Ensuring and maintaining a successful
implementation, both now
and in the future
advisory phases
10© 2019 KUPPINGERCOLE ANALYSTS AG
A CLEAR UNDERSTANDING OF THE SCOPE AND ADE-QUACY OF THE DEFINED PROCESSES, IMPLEMEN-TED SYSTEMS AND THE ORGANIZATION IN WHICH THEY ARE EMBEDDED IS AN INDISPENSABLE BASIS IN MANY ADVISORY SITUATIONS.
This also enables a comparison with peer organizati-ons and a position determination with regard to cor-porate goals, compliance requirements and the de-gree of efficiency and cost-effectiveness achieved.
Forward-looking teams and organizations apply benchmarking for various criteria of their business processes. To achieve this, a neutral and indepen-dent rating of the level of maturity and adequacy of established processes and implemented technolo-gies is essential.
On the basis of such benchmarking, gaps can be de-tected, recommended or required operational mea-sures can be identified. Subsequently, long-term strategies can be defined and form the basis to initi-ate overarching strategic programs.
KuppingerCole Analysts provides benchmarking and optimization services in a wide range of areas (infrastructure, applications, organization or ope-rations), including Identity and Access Management (IAM), Consumer Identity and Access Management (CIAM), an organizations’ overall readiness for regulatory requirements like GDPR or PSD2, or an organization‘s entire Cybersecurity approach.
KuppingerCole Analysts‘ Reviews & Benchmarking and Readiness Assessments are proven, standard-ized methodologies which allow organizations to understand their status quo in a defined area and/or what they are required to do before entering a new field or technology as well as how to meet regulatory requirements.
12© 2019 KUPPINGERCOLE ANALYSTS AG11 © 2019 KUPPINGERCOLE ANALYSTS AG
READINESS ASSESSMENT PROGRAM – GDPR (EU GENERAL DATA PROTECTION REGULATION)
In 2018, the EU GDPR came into force. From this date forward, the requirements for managing per-sonal data have changed substantially, introducing extended data subject rights and new and modified obligations for organizations. Our GDPR Readiness Assessment offers a standardized, comparable and lean approach to rate the readiness of your organi-zation for the EU GDPR from an organizational, tech-nical and legal perspective.
CLOUD RISK ASSESSMENT
Understanding the risk exposure of cloud services and achieving transparency to these risks towards the organization, the data and service owners is the key challenge for many organizations.
The KuppingerCole Analysts Cloud Risks and Controls Matrix (CRCM) is both a toolkit and a compendium for assisting cloud customers in assessing the overall security risk resulting from the deployment of services in the cloud. This includes moving exis-ting services into cloud infrastructure and creating new cloud-based or hybrid services for the digital era. The CRCM provides a standardized and repea-table methodology for the assessment of cloud ser-vices and their risks.
The KuppingerCole Analysts CRCM supports the understanding of the risk posture of organizations and their cloud solutions in identifying and imple-menting adequate measures to mitigate these risks while supporting organizations in taking the next steps to meet regulatory and legal requirements.
REVIEW AND BENCHMARKING PROGRAM – CYBERSECURITY
Cybersecurity requires a holistic approach across the organization, the network and third-party networks to contain and mitigate cybersecurity threats.
The assessment shows you whether your program is adequate to defend your company against attacks and to meet future requirements. Review & Bench-marking Program builds upon and extends the well-known NIST-areas, making it the premium toolset for fast and reliable assessments.
READINESS ASSESSMENT PROGRAM – PSD2 (EU PAYMENT SERVICES DIRECTIVE)
The finance industry is facing profound change with the introduction of PSD2, that came into force in 2018. The European Commission’s revision of the Payment Services Directive comes with a significant set of new requirements for financial institutions, both with and without banking license. Our PSD2 Readiness Assessment helps you to understand whether your organization is well-prepared for the PSD2 and identifies necessary actions.
The organizations’ maturity/readiness is rated from a business, IT and, if applicable, a legal perspective. The neutral and independent overall maturity/rea-diness level is determined across a comprehensive catalogue of about twelve organizational and techni-cal core areas of interest and compared with similar organizations.
REVIEW AND BENCHMARKING PROGRAM – IDENTITY AND ACCESS MANAGEMENT
The IAM The IAM Review & Benchmarking Assess-ment evaluates the current status of an organiza-tions’ Identity & Access Management and shows whether your existing structures will meet future requirements. The program determines the overall maturity level across a comprehensive catalogue of organizational and technical core areas of interest, compared with similar organizations and includes an action plan as well as recommendations for the IAM target architecture.
ANALYSIS ANALYSIS
AS IS
CONTRACTUAL NEGOTIATION
INTERNAL INVESTMENT
TERMINATION
RISK ACCEPTANCE
RECOM- MENDED
CONTROLS
ADDITONIAL FEATURES
INTERNAL CONTROLS
REVIEW INHERENT
RISK
IMPACT: HIGH
PROBA- BILITY: HIGH
ASSURED RISK
IMPACT: HIGH
PROB- ABILITY: MEDIUM
CERTIFI- CATIONS
ADDITIONAL CONTROLS
PROCESSES
VENDOR INFORMA-
TION
THE CRCM ASSESSEMENT PROCESS
ADDITIONAL ASSURANCES
INFRA- STRUCTURE
14© 2019 KUPPINGERCOLE ANALYSTS AG
Strategy Support
A WELL THOUGHT-OUT STRATEGY PROVIDES CLEAR ANSWERS TO FUTURE QUESTIONS AND THUS HELPS TO SIGNIFICANTLY SHORTEN DECISION- MAKING PROCESSES.
A central area of KuppingerCole Analysts Advisory Services is support in defining corporate strategies. Strategies include the anticipation of future decisions, because a clear and well-thought-out strategy pro-vides answers to future questions and thus helps to significantly shorten decision-making processes. This is particularly evident in the development of strategies that define business processes and their representation in systems and architectures.
Strategies define the use of resources, i.e. to achieve the best result with limited resources with a view to defined goals and recognized constraints.
Depending on requirements, scope and focus, the form and extent of the results to be achieved by KuppingerCole Analysts „Strategy Support“ Advisory Services can vary. Typical results are a (partial) IT strategy, including the draft definition of an imple-mentation program and model projects. In other cases, such results represent the decision temp-late or the management level communication for a company‘s personnel, budget and investment plan-ning.
KuppingerCole Analysts has successfully supported many companies (including several DAX 50 com-panies) in the development of strategies and their program implementation.
BUSINESS REQUIREMENTS AND BUSINESS VALUE
Achieving the enterprise objectives relies on a thorough understanding of the business requi-rements. Delivering business value requires the definition of products and services hand-tailored to the market needs and the individual strengths and opportunities of an organization.
KuppingerCole Analysts assists in defining scope and requirements, understanding an organization’s challenges, its assets and its unique market position.
INVESTMENT ROADMAPS
Based on sector-specific know-how, well-defined requirements specifications and value propositions together with deep insights into adequate enterprise IT strategies, KuppingerCole Analysts assist in iden-tifying individual strategies for building up proces-ses, systems and infrastructures. By combining the aspects of risk-awareness, cost-effectiveness and business efficiency, organizations are supported in defining investment roadmaps.
16© 2019 KUPPINGERCOLE ANALYSTS AG
A CONCISE AND CONSISTENT VISION IN THE DEVELOPMENT OF IT ARCHITECTURES AND THE SELECTION OF TECHNOLOGIES, VENDORS AND PRODUCTS.
This area of KuppingerCole Analysts Advisory Services falls into two separate, but closely related parts: Architecture Design and Vendor Selection & Choice of Tools.
KuppingerCole pursues a clear and stringent vision for the development of IT architectures and techno-logy selection: the actual product decisions are at the end of a clearly defined process. The starting points are the documentation and recording of the requirements and framework conditions that are relevant for the provision of the services achieved. On this basis, exemplary usage scenarios are defi-ned that describe the system to be implemented as comprehensively as possible. In accordance with es-tablished modelling methods, capabilities & building blocks are derived, which are subsequently used in the actual composition of the architecture blueprint.
At that point, capabilities and architectural blocks are mapped to potential IT systems. Thus, a clear di-viding line between architecture design and system selection can be drawn.
18© 2019 KUPPINGERCOLE ANALYSTS AG17 © 2019 KUPPINGERCOLE ANALYSTS AG
Reviews can be executed as one-off exercises at cru-cial project milestones or for an existing, productive platform. They can be continuously applied to ongo-ing projects for achieving current improvements in efficiency and solution maturity. Executing reviews as part of know-how transfer processes to CIOs or other senior management staff leads to immediate and actionable results while empowering the C-level.
VENDOR SELECTION & CHOICE OF TOOLS
KuppingerCole „Vendor Selection & Choice of Tools” Advisory Services represent a clearly defined scope of services for a standardized and quality-assured selection of manufacturers, software and implemen-tation partners. Based on existing requirements, limitations and the architectural concept, potential providers and their product offerings are mapped to identified building blocks. This includes the definition of long list and short list providers, the provision and adaptation of RfI/RfP questionnaires and ana-lysis tools as well as optional support in evaluating the implementation of proof of concept (POC) imple-mentations as a basis for a product decision.
Clients benefit substantially from KuppingerCole’s strong research background with in-depth coverage of a wide range of market segments while maintai-ning vendor neutrality. For several years, our Lea-dership Compass documents have been recognized as prestigious tools that provide an overview of a specific IT market segment, a market survey and de-termine leadership in that segment. It is the Leader-ship Compass that assists decision makers in iden-tifying appropriate vendors and products for their projects. All knowledge gained through our exten-sive research contributes to the success of our pro-jects and guarantees a lean and efficient approach.
ARCHITECTURE DESIGN & REVIEW
KuppingerCole Analysts support state-of-the-art, individualized architecture design. Well defined IT architectures are the foundationl to an adequate implementation of business processes. To achieve this, organizations need to transform requirements definitions and use case scenarios into an appropria-te definition of capabilities, interfaces, services and finally into a well-thought-out, resilient and sustai-nable concept of architectural building blocks. Kup-pingerCole supports all steps to develop deliverab-les like long-term roadmaps, technical architectures and high-level architecture blueprints.
A risk-based approach is embedded into the entire architecture design, so that criteria such as busi-ness, security, regulatory or privacy risks but also sustainability, cost effectiveness or efficient and consistent migration strategies are reflected in fu-ture-proof architecture designs. This includes stra-tegic definitions and a risk-based assessment for architecture deployment models between cloud ser-vices, on-premises deployments and hybrid approa-ches.
An important part of KuppingerCole advisory work is the review and assessment of existing concepts, systems and architectures. By providing an indepen-dent and objective second opinion, KuppingerCole Analysts assist by verifying correctness and com-pleteness of targeted or already implemented solu-tions, or by identifying gaps and challenges, be they functional, technological or from a requirements point of view. To get from the analysis to actionable results, findings are reviewed and then leveraged as the basis for prioritized recommendations to sup-port in the definition of immediate action plans and long-term strategies and programs.
choice of tools 1. requirements
Analysis
2. long list short list definition
3. rfi / rfp support
5. vendor selection support
7. poc: execution assessement
6. poc: usecase defintion
4. vendor presentation preparation & execution support
20© 2019 KUPPINGERCOLE ANALYSTS AG
SUPPORT IN THE EVALUATION AND MANAGEMENT OF IMPLEMENTATION PROJECTS OVER TIME (ONE-TIME OR SCHEDULED).
The actual execution of projects, especially IT projects can vary substantially in quality and time-liness. KuppingerCole Analysts “Project Guidance” Advisory Services provide support in assessing and managing implementation projects over time.
Project guidance can take the form of a one-off spot check of a running project (either planned or due to obvious performance issues), to identify and trace gaps, scheduling problems, quality shortcomings, communication issues or other obstacles. Such a spot check typically leads to a gap analysis, recom-mendations for next steps and, if necessary, sugge-stions for more substantial measures.
Long term projects or programs typically require continuous, regular and sustainable project guidan-ce, which comes at defined project steps or on de-mand/scheduled.
22© 2019 KUPPINGERCOLE ANALYSTS AG21 © 2019 KUPPINGERCOLE ANALYSTS AG
www.kuppingercole.com
REACH OUT TO KUPPINGERCOLE
ANALYST´S ACCOUNT MANAGEMENT
TO EXPLORE DIFFERENT OPTIONS
CONTACT YOUR ACCOUNT MANAGER OR
ACCOUNT MANAGER Katharina Gebru P: +49 | 0211 - 23 70 77 - 17 E: [email protected]
ACCOUNT MANAGER Wendy Wissink P: +49 | 0211 - 23 70 77 - 18 E: [email protected]
ACCOUNT MANAGER Thomas Steinmayer P: +49 | 0211 - 23 70 77 - 28 E: [email protected]
ACCOUNT MANAGER Michael Buerger P: +49 | 0211 - 23 70 77 - 32 E: [email protected]
ACCOUNT MANAGER Sven Harth P: +49 | 0211 - 23 70 77 - 49 E: [email protected]
ACCOUNT MANAGER Linda Dietsche P: +49 | 0211 - 23 70 77 - 20 E: [email protected]
ACCOUNT MANAGER Kerstin Bienhaus P: +49 | 0211 - 23 70 77 - 36 E: [email protected]
FOUNDER / PRINCIPAL ANALYST Martin Kuppinger P: +49 | 0211 - 23 70 77 - 55 E: [email protected]
LEAD ADVISOR / SENIOR ANALYST Matthias Reinwarth P: +49 | 631 - 35 79 00 43 E: [email protected]
LEAD ANALYST Alexei Balaganski P: +49 | 0211 - 23 70 77 - 24 E: [email protected]
ADVISOR Richard Hill P: +49 | 211 - 23 70 77 - 0 E: [email protected]
LEAD ANALYST Anmol Singh P: +49 | 6502 - 92 45 E: [email protected]
LEAD ANALYST John Tolbert P: +49 | 211 - 23 70 77 - 0 E: [email protected]
ABOUT KUPPINGERCOLE ANALYSTS
EUROPE’S LEADING ANALYSTS ON THE TOPICS OF INFORMATION SECURITY IN THE ERA OF DIGITAL TRANSFORMATION
KuppingerCole Analysts, founded in 2004, is an international and independent Analyst organization
headquartered in Europe. The company specializes in offering neutral advice, expertise, thought
leadership and practical relevance in Information Security, Identity & Access Management (IAM),
Governance (IAG), Risk Management & Compliance (GRC) as well as all areas concerning the
Digital Transformation. KuppingerCole Analysts supports companies, corporate users, integrators
and software manufacturers in meeting both tactical and strategic challenges. Maintaining a balance
between immediate implementation and long-term viability is at the heart of KuppingerCole Analyst’s
philosophy.
KUPPINGERCOLE ANALYSTS AG
[email protected] www.kuppingercole.com
P: +49 | 211 - 23 70 77 - 0 F: +49 | 211 - 23 70 77 - 11
Wilhelmstraße 20 – 22 65185 Wiesbaden | GERMANY