Councils workplans - European CIO Association

European CIO Association
General Assembly
Brussels 25 Nov 2015
Opening; Minutes GA Paris, 17 June 2014
Council Suppliers; Dario Scrosoppi
Council Cloud Computing; Cyril Bartolo
Council Cyber Security; Edwin d’Hondt
Council HR & Education; Jean-marc Guiol;
Education Program; EC projects; Paul Costelloe
Added Value Inquiry & TaskForce Advise;
Board proposal for restructuring EuroCIO
Freddy Van den Wyngaert
Financial results 2014
AOB, closure
Supplier Relationship Council
Chairman & Board sponsor: Dario Scrosoppi
Members :
Cyril Bartolo
Harald Cremer
Ian Trim
Luc Delombaerde
Maurizio Terdina
Morten Wagner
Peter Bal
Steffen Ruisinger
Thomas Eberhard
Ton Arrachart
Hervé Mouth
Robert Wander
Corp. Head of Application, Lagardère (FR)
Sr IT Manager, ThyssenKrupp (DE)
ICT Procurement, Nestlé (CH)
CIO, Van de Moortele (BE)
Corporate Centre ICT, Generali (IT)
Head of Global IT Sourcing, ISS (DK)
CIO, Wabco Europe (BE)
IT License and Supplier Management, Daimler (DE)
CIO, Kontron (DE)
CIO, Van Oord Dredging (NL)
IT Procurement, Airbus (FR)
CIO Office, Linde (DE)
Supplier Relationship Council
Year plan 2014
Actions 2014:
 Strong push on SAP
 Bring in new suppliers
Deliverable 2014:
use cases (as indirect access, licenses transfer, etc.) endorsed by
Meeting planning
3x Face-to-face – the first in Barcelona in Q1 2014
One conference call to prepare each face 2 face meeting
Supplier Relationship Council
Achievements 2014
Activity is mainly focused on SW Vendors about:
Licensing issues
Maintenance conditions
Product roadmap
Currently 2 main vendors engaged, SAP and Microsoft:
3 face-2-face meetings (Amsterdam and Paris [2]) plus
for the preparation of the meeting
SAP back at the table
Re-inforced Microsoft links
Supplier Relationship Council
Year plan 2015
Actions 2015:
 Push on achieving some conclusions with SAP & MS
 Bring in new suppliers ?
Deliverable 2015:
 Close use cases (as indirect access, licenses transfer, etc.)
endorsed by SAP
 Guidelines on audit process
Meeting planning
3-4 x Face-2-face (one with MS, one with SAP WW Head of
One conference call to prepare each face-2-face meeting
Cloud Computing Council (CCC) in
Chairman: Cyril Bartolo
Board sponsor: Freddy Van den Wyngaert
 Internal sharing of experience and best practices
 Through conf calls and meetings
 Start of a list of Cloud outages (a decision criteria being the history of the Provider)
 Start of a list of best practices and points of attention per Cloud offer (e.g. O365,
 EuroCIO participation to European Commission activities
 (2010-11) Definition of the European Cloud Strategy
(2014) Corresponding Consultation won by EuroCIO to evaluate the satisfaction of the Cloud
Users in front of the European Commission activities
(2013-14) European Cloud Partnership (board member)
Cloud Standards Coordination (DG CONNECT & ETSI)
SIG Certifications + SIG SLA + SIG Data protection code of conduct (DG CONNECT)
Safe and Fair Contracts (DG JUST)
WP214 Consultation (WP29) [about international data transfers]
Regular meetings with DG CONNECT and DG JUST to voice User’s expectations
EuroCIO representation in many other European events (EC or non EC)
Private Cloud OK, Public Cloud not
 Private Cloud is a great first step keeping control on most things
 Public Cloud adoption is far lower than expected: not mature enough
 Gartner 2008: SaaS estimated to 25% in 2011 is now estimated to 10% in 2018…
 A new CCC deliverable (still gathering comments before making it public)
 “Obstacles to go Public Cloud and solutions (EuroCIO) v0c”
 Obstacles to go Public Cloud
Contracts are unbalanced and not negotiable
Providers not liable for service interruption, data loss, data breach
Users are civilly and penally liable
Legal compliance (e.g. data protection) are complex to understand and to meet
Missing Cloud security certification stamped by the ECommission
=> Public Cloud is sometimes doable but does require a strong understanding
and a very strong negotiation power to limit the risks
Weak Cloud framework to improve
 But the best IT guys and lawyers can’t really negotiate a Cloud contract
due to the weak European legal framework in disfavor of the Users
=> Enterprises should dedicate a few time to lobby/voice User’s
 If not the laws will remain in favor of Cloud Providers and the Users
will continue to be at risk: we should not let others define our Cloud
 For that, punctual time from Experts are needed in some domains:
Standards and certifications
Data protection
Cloud contracts
SLA & interoperability & reversibility
Council CyberSecurity
Chairman: Edwin D’Hondt
Board sponsor: Christian Pagel
Council members :
Ad Krikke, CISO, DSM (NL)
Joss Delissen, CIO, POSTNORD (SE)
Alf Moens, CISO, SURF (NL)
Andreas Gaetje, IT Security, GENERALI (IT)
Matthieu Boutin, Mission Director, CIGREF (FR)
Bruno Chenet, Head of ICT-Security , AIRBUS Ove Bristrand, Cloud & Security Advisor, DFS CIO
Christian Meyer, CISO, SGL CARBON (DE)
Petros Theodorakis, CIO, DESFA (EL)
Edwin d'Hondt, VP Enterprise Architecture &
Sofia Moilinou, IT Security, INTERAMERICAN (EL)
Infrastructure, UMICORE (BE)
Jan Wessels, Information Security and Risk
Management , RABOBANK (NL)
Steffen Siguda, Corporate InfoSec and Data
Protection Officer, OSRAM (DE)
John Petersen, Group IS/IT Security, NESTLE
Wim Hafkamp, CISO, RABOBANK (NL)
Joris Van Herzele, CISO, UMICORE (BE)
Wim Sonnemans, IT Security Architect, ASML (NL)
Joseph Mager, CISO, NS.NL (NL)
Council CyberSecurity
November 2014
Deliverables 2014
Organize the council
Realize major corner stones
• We defined for EuroCIO network the mission statement on Cyber Security
• We defined a template-framework to structure the Cyber Security scope
Governance and Legislation
Incident Management and Awareness continued communication
Business monitoring and Maintain platform of trustees
Establish Master Class on Cyber Security
• We defined with PDB and Paul Costello the content and set-up
• We will start Master Class as of January 2015
Link to European Commission
• We developed and maintain interface with EC and EC-CERT
Council CyberSecurity
November 2014
Plan 2015
Optimize the template-framework
• We will update the content together with the project team of the World
Economic Forum (WEF).
• A one-day seminar is planned for early 2015 at the company DSM. Invites will
go to our council members / EuroCIO members and WEF delegates.
• Hereafter we will by priority enrich the topics within the template-framework.
Enrich content of Master Class on Cyber Security
Improve two-way communication with EuroCIO network members
• Structurally formalise the information sharing with direct members and
National Bodies
HR&Education Council
Chairman: Jean-Marc Guiol
Director of Education program: Paul Costelloe
Board sponsor: Christian Pagel
Members :
Costelloe, Paul EuroCIO (UK)
Degli Esposti, Fabio SEA Milano (IT)
Delissen, Joss PostNord (SE)
Gran, Inger DFS CIO Forum (SE)
Hecker, Christoph Voice eV (DE)
Kerteszne Gerecz, Eszter VISZ (HU)
Lau, Frederic CIGREF (FR)
Pagel, Christian Thyssen-Krupp (DE)
Staudinger, Bernd Daimler (DE)
Sulliga, Peter Bayer (DE)
Van den Wyngaert, Freddy Agfa-Gevaert (BE)
Vogd, Foppe CIO Platform (NL)
HR&Education Council
 Design of an approach to increase participation and bring value to
 E-leadership Journey, first draft in May with a limited group of participants
 Approved by Eurocio Board in June
 Decision to launch the initiative during the annual conference (workshop #5)
 EuroCIO participation to European Commission activities
 CEN/WS ICT Skills meetings
 European commission projects
 GUIDE: ownership of 3 curriculum profiles
 Secretariat of the Grand Coalition: Dissemination of Digital Agenda activities
 Intraprise: Promotion of entrepreneurial activities within organisations
e-leadership curriculum profile
Innovation & Transformation through ICT
e-leadership curriculum profile
Business & Enterprise Architecture
e-leadership curriculum profile
Information Security Governance
Executive Education Programme
• Professional Programme in Business and Enterprise
• Cohort 2 commenced
• Executive MBA
• Nyenrode
• TU Munich
• Master Classes in Information Security Management
• January 2015 launch
• Feedback from customer survey
HR&Education Council
Year plan 2015
Actions 2015:
 Nominate a project manager
 Deliver first actions derived from the workshop through webinars
(x3) and council meetings (x2)
 Follow-up on EC projects

similar documents