Approch

In financial institutions like banks, Operational Risk departments drive Information Security and IT Security related processes, and require a heavy alignment. It can be very challenging to achieve this alignment without using  a common taxonomy and shared platforms. Kommercni Bank intended to achieve this goal by utilizing the RSA Archer GRC Platform.

Our Solution

We utilized RSA Archer IT Risk Management, Policy Management, IT Control Assurance and Issues Management modules to build the related IT and Information Security processes to achieve consolidated reporting to the Operational Risk Department.

The Result

Our implementation after collecting and analyzing requirements helped IT and Information Security provide a consolidated risk and compliance report to the Operational Risk department on time in the expected format and taxonomy, even though IT and Information Security were able to utilize their own methodologies at full scale.