Scroll Top
City skyline with an overlay of graphs and reports
0
By titicus Case Study February 5, 2019

Automating IT Risk Management For A Financial Services Leader

This financial services giant, a part of a Fortune 5 global conglomerate, had manual risk assessment and response processes for 1,400 mission-critical applications across 14 business units spread around the globe. Asset owners were responding to generic questionnaires for risk assessment; and the process overall was inefficient, inconsistent, and error-prone. The customer engaged SDG to implement the TruOps Risk Management solution from SDG, which allowed them to assimilate thousands of mission-critical assets across the business units into a common platform, with dynamic form-based assessments, workflow approvals, configurable calculations, and insightful reporting for management and Federal regulators.

[image_with_animation image_url=”11945″ alignment=”center” animation=”Fade In” hover_animation=”none” border_radius=”none” box_shadow=”none” image_loading=”default” max_width=”50%” max_width_mobile=”default” img_link=”https://staging.sdgc.com/wp-content/uploads/Automating_IT_Risk_Management_for_a_Financial_Services_Leader.pdf” margin_bottom=”20″]

Download Case Study

Key Challenges:

  • Heightened federal regulatory requirements and scrutiny of financial institutions in the post-financial crisis era.
  • Pressure to grow business due to increased competition and economic uncertainty.
  • Existing risk management processes were haphazard and inconsistent.
  • Risk assessments were done manually with a lack of standardization across the organization, resulting in errors and inconsistencies.
  • Productivity loss because each year the process was started from scratch, with no sharing and reuse of components.
  • End-to-end process took several months to complete, resulting in dangerous delays in the identification, analysis, and remediation of threats.

Benefits

[text-with-icon icon_type=”image_icon” icon_image=”11593″]

The end-to-end audit process time has been reduced from 7 months to 7 weeks.

[/text-with-icon]

[text-with-icon icon_type=”image_icon” icon_image=”11593″]

Risk management is more consistent and uniformly executed across the organization.

[/text-with-icon]

[text-with-icon icon_type=”image_icon” icon_image=”11593″]

Emerging risks are proactively identified, analyzed, and acted on earlier.

[/text-with-icon]

[text-with-icon icon_type=”image_icon” icon_image=”11593″]

Process automation, shared artifacts, and workflow across the organization have resulted in efficiency and reduced cost of compliance.

[/text-with-icon]

[text-with-icon icon_type=”image_icon” icon_image=”11593″]

Management dashboards provide an aggregate view across the organization, and promote a broader understanding of risk.

[/text-with-icon]

SDG Solution

SDG provided an integrated solution for risk management by implementing an enterprise-wide, centralized global solution. This solution leveraged existing knowledge and programs to establish a unified, consistent, and comprehensive framework across the enterprise for:

[icon_timeline timeline_line_color=”#425b76″ time_block_bg_color=”#f7f7f7″ time_sep_color=”#000000″ time_sep_bg_color=”#69d72d” tl_animation=”tl-animation-shadow” timeline_margin=”margin-right:5px;margin-left:5px;”][icon_timeline_item title_font_color=”#333333″ desc_font_color=”#333333″ desc_font_size=”desktop:17px;tablet:17px;tablet_portrait:17px;mobile_landscape:15px;mobile:15px;”]

Managing the inventory of all relevant IT assets and their risk tolerance.

[/icon_timeline_item][icon_timeline_item title_font_color=”#333333″ desc_font_color=”#333333″ desc_font_size=”desktop:17px;tablet:17px;tablet_portrait:17px;mobile_landscape:15px;mobile:15px;”]

Identifying and classifying all possible threats to each asset and the risk exposure for each threat.

[/icon_timeline_item][icon_timeline_item title_font_color=”#333333″ desc_font_color=”#333333″ desc_font_size=”desktop:17px;tablet:17px;tablet_portrait:17px;mobile_landscape:15px;mobile:15px;”]

Building a comprehensive enterprise risk plan by identifying and mapping risk response options for assets based on the assessed threat.

[/icon_timeline_item][icon_timeline_item title_font_color=”#333333″ desc_font_color=”#333333″ desc_font_size=”desktop:17px;tablet:17px;tablet_portrait:17px;mobile_landscape:15px;mobile:15px;”]

Implementing the plan to mitigate, minimize, or accept the risk.

[/icon_timeline_item][icon_timeline_item title_font_color=”#333333″ desc_font_color=”#333333″ desc_font_size=”desktop:17px;tablet:17px;tablet_portrait:17px;mobile_landscape:15px;mobile:15px;”]

Ongoing monitoring of the risk management processes.

[/icon_timeline_item][icon_timeline_item title_font_color=”#333333″ desc_font_color=”#333333″ desc_font_size=”desktop:17px;tablet:17px;tablet_portrait:17px;mobile_landscape:15px;mobile:15px;”]

Enhancing risk awareness through the use of predefined, dynamic risk analysis dashboards and reports.

[/icon_timeline_item][/icon_timeline]

Download Case Study

About SDG

SDG is a global cybersecurity, identity governance, risk consulting, and advisory firm that advises and partners with clients to address their complex security, compliance, and technology needs and delivers on strategy, transformation, and long-term management of their cybersecurity and IAM programs.

titicus / About Author
More posts by titicus