Case Study
The client is a major insurance company in UK. They wanted to conduct vendor risk assessment for all IT and non-IT suppliers.
Infosys helped them in completing risk assessments for 150+ vendors within an estimated time period.
Key Challenges
- Absence of segregation of suppliers based on the risk score
- Unable to complete the enhanced security assessment on time and communicate risks and remediation opportunities to business owners
- Unable to understand the existing risk assessment process
- Limited time frame between assessment and supplier engagement
- Single point of contact to handle the vendor risk assessment for all suppliers
The Solution
Effective management and tracking of supplier details
Standard pre-assessment conducted for each vendor
Managed audit information related to supplier IT risk assessment for ITGC36 and ITGC37
Created a central repository of the supplier details
Risk assessment for all IT and non-IT suppliers completed on time
Benefits
On time risk assessment for 150+ vendors
Completed risk assessments for 150 suppliers as per ISO 27001
Timely reporting and closure of any deviations/observations
Vendor risk assessment extended to all the supplier across HR, finance, claims increasing the security posture
350+ vendors pre-assessments and 150+ vendors enhanced risk assessments completed
Request for services
Find out more about how we can help your organization navigate its next. Let us know your areas of interest so that we can serve you better.
