Challenge
A top 10 bank needed assistance in redesigning process improvements in cloud governance and managing their Cloud Control Exceptions (CCE) Process to:
- Drive efficiency and improve cloud compliance and insight
- Ensure a more secure and robust cloud governance process
- Enhance cloud controls and risk statements
Solution
Infinitive wrote and registered Cloud Controls leveraging the client’s standards to manage upcoming risk statements within its Enterprise Risk Management (ERM) platform, which included:
- Developing an analytical dashboard by using AWS QuickSight to display various metrics cloud governance works and collects
- Providing the bank with valuable ideas to improve the CCE process
- Providing enhanced risk statement templates to capture risk and align to NIST
Outcome
Our efforts drove efficiencies by 50% and allowed the client to:
- Visualize current risk posture (in relation to Cloud Exceptions), review/processing time, and graphical representation of risk scores for each of the bank’s lines of business
- Reduce the initial review time from 5 days to 2 days
- Analyze more specific risk statements aligned to NIST and other best practices
- Maintain a secure operation leveraging AWS
Published June 16, 2022