Like most successful financial services organizations, the bank recognizes that risk management and information security are a vital part of its growth and of its very existence. Where the bank showed great insight was in realizing that while compliance initiatives may keep auditors at bay, true confidence in one’s information security measures requires a risk based approach that provides answers to questions that auditors will be asking tomorrow, and not just the ones they are asking today. The task of building and delivering this confidence fell to the Technology Risk Management (TRM) team.
With Brinqa VRM, within 90 days the bank:
- Established an authoritative vendor and engagement repository
- Assigned vendor risk classifications
- Completed an entire cycle of risk assessments for over 1,700 vendors and 5,000 vendor engagements.