Managing Information Security Risks in a Shared Services Organization
ScottMadden has helped a number of companies improve their security practices. Contact us to learn how we can help support your cybersecurity projects.
At a Glance
Gap Analysis
Evaluated client’s current security policies against an established industry framework, identifying control gaps for improvement
Long-Term Impact
Created a new security position focused exclusively on sustaining security within the shared services organization
Security Roadmap
Developed a security roadmap to address specific risks and improve information security for the entire enterprise
Challenge
A multifunction shared service organization (SSO) in the entertainment industry needed to assess its security practices. Given recent security breaches in the company’s industry and feeling a compelling need to drive change, the assessment would involve identifying the risks to the organization’s information and prioritizing mitigating solutions.
Process
- Evaluated client’s current security policies against an established industry framework, identifying control gaps for improvement
- Assessed compliance with applicable enterprise security policies and controls through key stakeholder interviews, utilizing a maturity assessment methodology
- Conducted workshops with key stakeholders to develop and prioritize solutions and implementation plans
- Identified initiatives to improve the overall efficiency and effectiveness of the client’s shared services processes
Result
- An enhanced security culture within the SSO as a result of the team working together to develop security solutions
- Creation of a new security position focused exclusively on sustaining security within the SSO
- Prioritized recommendations tailored to meet the SSO’s business needs
- A security roadmap addressing identified risks and improving information security for both the SSO and the enterprise
Related Insights
Operational Technology Asset Management
Case Study
A midsize southwestern utility’s operational technology (OT) division had a highly customized and outdated asset management system that was difficult to use and maintain.
Security Operating Model Design and Implementation
Case Study
A large U.S. energy company needed to standardize cybersecurity and become more transparent and deliberate in their methodology for securing the enterprise.
Cybersecurity Operational Technology Program Development
Case Study
A large electric and gas utility’s enterprise IT cybersecurity group initiated the IT-OT program to address the increasing threat of cyber attacks against OT found in the operating environment.
Let’s Work Together
We don’t solve problems with canned methodologies. We help you solve the right problem in the right way. Our experience ensures that the solution works for you.