Customer: Bank, Munich
Topic: ICS – PS 951 / ISAE 3402
Tasks: conception, software support, project support
Starting position and objective
- Alignment of the process and control objectives according to the international framework Cobit 5
- Transferring the existing ICS into a software-supported approach with systematic assessments to control and avoid risks
Procedure and solution
- Support in creating concrete controls from Cobit 5 templates
- Ensuring the multiple use of these controls in different assessments (for example, in parallel assessments with different assessment objects)
- Definition of standardized questionnaires for individual topics (e.g., event management, authorization management, etc.)
- Ensuring that all relevant and risky IT core processes are taken into account by means of standardized questionnaires
- Connection of the adjusted controls with the process or control objectives of the Cobit 5 standard (thereby: simplified coordination of the assessment contents at the service providers of the customers)