Caso Práctico

Risk analysis and ISS compliance

Expertos en seguridad supervisan los proyectos de SI del cliente

Industry
  • Automotive

 

Challenge
  • We provided services for the ISS Risk & Compliance department of our client.

Solution

We provided an ISS expertise assignment with the following objectives:

  • Risk analysis of the customer’s IS projects;
  • Put forward solutions (technical and/or organisational) to reduce these risks;
  • Support the customer's IS projects throughout their life cycle;
  • Monitor and advise on the RFI/RFQ phase;
  • Advise/validate architectures, verify technical audit results, monitor security action plans, advise on go-live decision;
  • Advise on/validate major changes during the implementation phase.

Keys to success

  1. Security expertise and an understanding of third party risk management issues;
  2. Our capacity, as a service provider, to interact with a wide range of business managers with different degrees of IS security knowledge;
  3. Our ability to move issues forward in a matrix management system in spite of the usual strong resistance of audit activities;
  4. Our quality of reporting to decision makers (CROs, CISOs, regional COOs);
  5. Our rationalisation of benchmarks in a demanding international context.