Scaling an Application Security Program at the IMF: A Case Study

The IMF and Aspect Security (now part of EY) created a risk-based assurance process to build the IMF’s application security program from the ground up. Presenters will share experiences in scaling from the occasional review of a few applications to providing assurance across our portfolio of applications. The session will discuss how to provide targeted training, tailored design guidance and risk-based assessment activities.

Learning Objectives:
1: Understand the value of risk-based assessments.
2: Understand how to vary the rigor of security activities based on risk.
3: Understand the value of tailored security design guidance.



Jason Li Senior Manager, Cyber Security, Ernst & Young LLP


Majid Malaika Application Security Specialist, International Monetary Fund

← View more Videos

This document was retrieved from on Sat, 23 Mar 2019 02:49:44 -0400.