- We provided services for the ISS Risk & Compliance department of our client.
We provided an ISS expertise assignment with the following objectives:
- Risk analysis of the customer’s IS projects;
- Put forward solutions (technical and/or organisational) to reduce these risks;
- Support the customer's IS projects throughout their life cycle;
- Monitor and advise on the RFI/RFQ phase;
- Advise/validate architectures, verify technical audit results, monitor security action plans, advise on go-live decision;
- Advise on/validate major changes during the implementation phase.
Keys to success
- Security expertise and an understanding of third party risk management issues;
- Our capacity, as a service provider, to interact with a wide range of business managers with different degrees of IS security knowledge;
- Our ability to move issues forward in a matrix management system in spite of the usual strong resistance of audit activities;
- Our quality of reporting to decision makers (CROs, CISOs, regional COOs);
- Our rationalisation of benchmarks in a demanding international context.