IT Controls & Risk Assessments
After a major loss-event, a European head-quartered global bank approached Synechron to help improve their level of IT control and risk management by implementing a bank-wide certification process covering the whole IT estate. The bank was at the time under intense regulatory scrutiny, not least from a high profile rogue trader incident. Because of this, the initiative had aggressive implementation timelines, a very high profile and was politically charged.
Synechron provided a team of 12 highly experienced consultants with a blend of audit, banking application architecture and process expertise. The banking experience of the application architects and process consultants allowed us to reshape the in-flight project to make it more relevant and efficient to its end users, thus ensuring success of adoption. We also identified >50 controls falling between the gaps in the existing approach during quality assurance. The repeatable process included a catalogue (listing in-scope controls), process documentation, assessment tooling and operating model, central analysis and reporting, and mobilisation and tracking of remediation activities.
The process was defined and deployed successfully across 3,000 IT controls with assessment repeating quarterly. Once the assessment had been successfully piloted and implemented, Synechron helped to define an ongoing service which was transitioned to an internal off-shore service centre.
How we’ve helped our clients achieve their transformation goals for other large-scale, global programs
Strategic client rationalization
Global Business Wind-down and Divestment
A Path to IT Optimization