Managing Information Security Risks in a Shared Services Organization
ScottMadden has helped a number of companies improve their security practices. Contact us to learn how we can help support your cybersecurity projects.
At a Glance
Gap Analysis
Evaluated client’s current security policies against an established industry framework, identifying control gaps for improvement
Long-Term Impact
Created a new security position focused exclusively on sustaining security within the shared services organization
Security Roadmap
Developed a security roadmap to address specific risks and improve information security for the entire enterprise
Challenge
A multifunction shared service organization (SSO) in the entertainment industry needed to assess its security practices. Given recent security breaches in the company’s industry and feeling a compelling need to drive change, the assessment would involve identifying the risks to the organization’s information and prioritizing mitigating solutions.
Process
- Evaluated client’s current security policies against an established industry framework, identifying control gaps for improvement
- Assessed compliance with applicable enterprise security policies and controls through key stakeholder interviews, utilizing a maturity assessment methodology
- Conducted workshops with key stakeholders to develop and prioritize solutions and implementation plans
- Identified initiatives to improve the overall efficiency and effectiveness of the client’s shared services processes
Result
- An enhanced security culture within the SSO as a result of the team working together to develop security solutions
- Creation of a new security position focused exclusively on sustaining security within the SSO
- Prioritized recommendations tailored to meet the SSO’s business needs
- A security roadmap addressing identified risks and improving information security for both the SSO and the enterprise
Related Insights
Operational Technology Asset Management
Case Study
A midsize southwestern utility’s operational technology (OT) division had a highly customized and outdated asset management system that was difficult to use and maintain.
Security Operating Model Design and Implementation
Case Study
A large U.S. energy company needed to standardize cybersecurity and become more transparent and deliberate in their methodology for securing the enterprise.
Cybersecurity Operational Technology Program Development
Case Study
A large electric and gas utility’s enterprise IT cybersecurity group initiated the IT-OT program to address the increasing threat of cyber attacks against OT found in the operating environment.
Let’s Work Together
We don’t solve problems with canned methodologies; we help you solve the right problem in the right way. Our experience ensures that the solution works for you.