Case Study

IT Controls & Risk Assessments

Share this Case Study with a friend.

Customer Challenge

After a major loss-event, a European head-quartered global bank approached Citihub to help improve their level of IT control and risk management by implementing a bank-wide certification process covering the whole IT estate. The bank was at the time under intense regulatory scrutiny, not least from a high profile rogue trader incident. Because of this, the initiative had aggressive implementation timelines, a very high profile and was politically charged.

How Citihub Helped

Citihub provided a team of 12 highly experienced consultants with a blend of audit, banking application architecture and process expertise. The banking experience of the application architects and process consultants allowed us to reshape the in-flight project to make it more relevant and efficient to its end users, thus ensuring success of adoption. We also identified >50 controls falling between the gaps in the existing approach during quality assurance. The repeatable process included a catalogue (listing in-scope controls), process documentation, assessment tooling and operating model, central analysis and reporting, and mobilisation and tracking of remediation activities.

The process was defined and deployed successfully across 3,000 IT controls with assessment repeating quarterly. Once the assessment had been successfully piloted and implemented, Citihub helped to define an ongoing service which was transitioned to an internal off-shore service centre.

Client Benefits

Improved IT control and risk management
Regular quarterly risk assessment implemented across 3,000 IT controls.

Regulatory remediation
Successful implementation of the assessment service within planned timeframes helped the bank to manage intense regulatory and audit scrutiny.

Quality, consistency & relevance
Citihub ensured that the process was relevant to its users and that data quality was managed through the lifecycle thus improving its adoption, accuracy and consistency. The mind-set of users changed from a perception of this being ‘done to them’ to an acceptance of it being ‘done by them’.

Sustainable processes and tooling
Citihub’s knowledge of the bank, and of banking practices in general were applied to the processes and toolset ensuring successful integration within the bank.

Incremental step-change reductions in cost of ongoing service
Citihub immediately reduced the bank’s consulting costs when engaged and worked proactively with the client to manage a transition to an internal lower cost service centre, ensuring that the bank implemented a sustainably successful solution while being cost effective.

Related Case Studies

Our Insights

see all insights

Learn more about our Services

Application Modernization

Driving the technical, operational and cultural changes required for adoption of cloud native architectures, platforms and services

Application Modernization
read more
read more

Making data accessible, usable, accurate and secure

Data Management
read more
read more

Architecture, design and hands-on engineering of secure and scalable private and public cloud platforms

Cloud Platform Services
read more
read more

Ensuring safety of data and applications in the cloud by integrating security into the heart of developer workflow

Cloud Native Security
read more
read more

Unlocking cloud-based developer productivity through modern, dynamic approaches towards compliance

Continuous Compliance
read more
read more

Implementing modern organizational structures and operating models that transcend traditional silos

Enterprise Transformation
read more
read more

Let's talk about your digital transformation

contact us