To review the existing IT GRC policy document, do a GAP analysis bench marked against COBIT, ITIL & ISO: 27001 and come out with a short term and long term road map for implementing the IT GRC framework across the Enterprise.
The client is a leading supply chain company in the world headquartered in Singapore and having its IT operations in Chennai and having operations in 64 countries. . The project was to review their existing IT GRC document critically and come out with a revised IT GRC road map to be implemented across the company. Our team recommended a bottom up approach and a steady roll out of policies & procedures.
- We reviewed the IT GRC policy document and did a GAP analysis bench marked against COBIT 4.1, ITIL V3.0 and ISO: 27001 and carried out additions/modifications in several places.
- We conducted discussions with IT team and business owners about the requirement, recommended a bottom up approach and came out with a standardized model for implementing IT GRC policies, procedures across the business units in various countries.