Helping to meet the Operational Resilience requirements of an Investment Bank
• Set up, and ran the workstream structure, developing a six-step control development process to align with external audit testing methodology;
• Provided expertise in challenging topics such as privileged access management and Joiner/Mover/Leaver (JML) processes;
• Wrote and agreed control blueprints with the client’s external auditor, including extensive evidence documentation;
• Tracked and managed the external auditor’s feedback comments;
• Coordinated efforts and managed stakeholder engagement across multiple business and technology teams; and
• Identified other security risks and issues beyond the scope of the external audit, for the client’s consideration to further strengthen the client’s environment.
As a result, the client was able to successfully complete the Control Design phase for their identity and access management controls.
We were chosen through a further RFP process to continue supporting the client in the next phase of the delivery.