Helping to meet the Operational Resilience requirements of an Investment Bank

We helped an investment bank with their Identity and Access Management (IAM) audit remediation, where we:

• Set up, and ran the workstream structure, developing a six-step control development process to align with external audit testing methodology;

• Provided expertise in challenging topics such as privileged access management and Joiner/Mover/Leaver (JML) processes;

• Wrote and agreed control blueprints with the client’s external auditor, including extensive evidence documentation;

• Tracked and managed the external auditor’s feedback comments;

• Coordinated efforts and managed stakeholder engagement across multiple business and technology teams; and

• Identified other security risks and issues beyond the scope of the external audit, for the client’s consideration to further strengthen the client’s environment.

As a result, the client was able to successfully complete the Control Design phase for their identity and access management controls.

We were chosen through a further RFP process to continue supporting the client in the next phase of the delivery.

If you would like to talk to us about IAM audit remediation, then please get in touch with us at or by phoning  +44 203 603 4733.