Building program management capabilities in technology risk policies & standards
We instituted a process for standardizing and articulating Technology Risk policies and standards, laying the foundation for our client to institute industry-best information security practices.
The Situation
A premier US bank needed to streamline its information security policy program management. Gaps in standardization and program management methodology were beginning to cause problems. For example, there was an ever-increasing disparity in new documentation and a large backlog of outdated materials. Complicating the situation was the department’s need to respond to new regulatory requirements, which developed as a result of increased oversight of the financial services industry.
The Satori Solution
We established a streamlined program of policy and standard creation and review, which helped decrease the number of outdated documents from 75% to 8%. We created templates for outlining security standards, which, when applied to existing material, eliminated numerous inconsistencies in standards being used throughout the firm’s technology infrastructure. We also coordinated the creation of the first-ever Technology Governance Handbook for the bank’s global Technology organization. The Handbook articulated the setup and underlying philosophy of Technology Division governance, proving essential for internal reference and regulatory inquiries.
The Results
We streamlined the bank’s information security policy program and positioned the Technology Risk division for a larger role within the company. Our client is now seen as the information security leader within the financial services industry.
CONTACT US
Please get in touch with us and one of our experts will be happy to answer your inquiry or set up a consultation.