Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Protiviti helps global retail bank transform
information risk management function,
solidify leader status
IT Consulting – ...
How We Help Companies Succeed
As the business world becomes more and more connected, it is critical to view data governanc...
Upcoming SlideShare
Loading in …5
×

Protiviti Helps Global Retail Bank Transform Information Risk Management Function, Solidify Leader Status

103 views

Published on

A global retail banking organization with several international operations engaged Protiviti to identify and eliminate weaknesses in its information risk management (IRM) program. The company had developed this
program in response to heightened regulatory scrutiny and increased publicity surrounding large-scale information security breaches in the financial services industry; however, it needed to make sure gaps in the program were properly addressed in order to achieve maximum confidence among partners and stakeholders.

Published in: Business
  • Be the first to comment

  • Be the first to like this

Protiviti Helps Global Retail Bank Transform Information Risk Management Function, Solidify Leader Status

  1. 1. Protiviti helps global retail bank transform information risk management function, solidify leader status IT Consulting – Managing IT Security and Privacy Client Challenge A global retail banking organization with several international operations engaged Protiviti to identify and eliminate weaknesses in its information risk management (IRM) program. The company had developed this program in response to heightened regulatory scrutiny and increased publicity surrounding large-scale information security breaches in the financial services industry; however, it needed to make sure gaps in the program were properly addressed in order to achieve maximum confidence among partners and stakeholders. POWERFUL INSIGHTS Our client had launched a comprehensive, multi-year remediation program of its information control systems. It required expert assistance with identifying and closing gaps in the program, as well as developing a roadmap for the IRM organization in the future. We stepped in to assess the current state of the IRM program, manage the remediation process, and provide our client with a long-term transformational vision for the program that fits with the new regulatory climate. Working closely with our client, we were able to identify six key risk areas in the organization’s information cycle: data protection, records management, data quality, logical access management, regulatory compliance and third-party risk. We then devised a remediation strategy to eliminate weaknesses in all of these areas. Specifically, our information security experts: • Performed a current state assessment of the client’s IRM function against the key risk areas in order to identify controls already in place and control gaps in need of mitigation. • Provided specific remediation recommendations for closing the gaps. • Performed an assessment of the client’s capabilities to identify opportunities for increased efficiency in achieving the IRM goals of the business. We also defined a target operating model with which to address identified deficiencies. • Created a three-year investment and resource allocation roadmap and set strategic direction for the IRM program with the new and stricter regulatory climate in mind. PROVEN DELIVERY As a result of this project, our client enlarged the breadth and depth of its cross-functional IRM skills, improved measuring and reporting on the IRM status, and achieved increased efficiency and effectiveness across IRM operations. More importantly, by implementing Protiviti’s data governance strategy, our client was able to provide assurance that information risks are managed and solidify its trusted adviser status with business stakeholders. Our client has since asked Protiviti to support the management and execution of key work streams within the IRM transformation program that resulted from the strategic review we performed.
  2. 2. How We Help Companies Succeed As the business world becomes more and more connected, it is critical to view data governance and privacy as a business issue, not just an IT issue. Data classification and management, security threats, vulnerabilities, and privacy exposures challenge every organization today, creating risks that must be understood and managed. Often organizations do not know what risks they face or how to manage these risks effectively. Equally important, good security and privacy practices can provide revenue growth opportunities through personalized support to clients. Protiviti provides a wide variety of security and privacy assessment, architecture, transformation and management services to help organizations identify and address security and privacy exposures (e.g., loss of customer data, loss of revenue or reputation impairment to a customer) before they become problems. We have a demonstrated track record of helping companies react to security incidents, establish security programs, deal with identity and access management, and handle industry-specific data security and privacy issues, including PCI and HITRUST. We invite you to explore the various IT security and privacy services we offer: • Security Strategy & Program Management Services • Identity & Access Management Services • Data Security & Privacy Management Services • Vulnerability Assessment • Security Operations & Implementation Services • Incident Response & Forensics Services Contact Cal Slemp +1.203.905.2926 cal.slemp@protiviti.com About Protiviti Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through our network of more than 70 offices in over 20 countries, we have served more than 35 percent of FORTUNE 1000® and FORTUNE Global 500® companies. We also work with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index. ©2013 Protiviti Inc. An Equal Opportunity Employer. PRO-PKIC-1013-127 Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.

×