Background: With over 850 business units globally, this decentralized IT function needed to establish formal IT governance standards and guidelines as part of its Enterprise Risk Management program.
CTS Impact Solution: Using the COBIT / ITGI standard framework as a best practice, CTS Impact performed the following:
- Conduct risk assessment
- Develop and document IT policies and guidelines
- Disaster recovery and business continuity
- Physical, environmental and system security
- Access controls
- IT operations
- Change management – applications and technical infrastructure
- Data management
- SLA compliance
- Monitor and review compliance
- Coordinate self-assessments on an annual basis
- Perform testing of high-risk business units
- SOC 1 review of significant third-party providers