Case Studies

BannerHealth Case Study

Issue link: https://resources.edgile.com/i/1074867

Contents of this Issue

Navigation

Page 1 of 1

What Was Needed What We Did Benefits Delivered Principled approach and clear path forward for Information Security, IT Controls, Risk Management, 3 rd Party and Metrics. Clear understanding of information and technology - oriented risks both without controls and after compensating controls are incorporated. Automation to proactively route control performance requirements, capture evidence and perform a pass/fail rating. Coordination with procurement, legal, IT, business and information security to manage risks and control capabilities of their vendors. We took a services - based approach, defined services the functions needed to offer, assessed the current and target state, then packaged, prioritized and sequenced projects with resource and time estimates. Used our risk methodology and accelerators to develop an integrated risk and compliance framework with risks categorized and rated. Included harmonized laws and regulations Enabled automation with standardized risk control matrices and narratives along with playbooks to perform the requisite controls. Included a cross - walk with transparent linkage to related laws and regulations. Converted spreadsheets and manual processes into standardized forms, dynamic workflow with tiered risk - based surveys and assessments. Clarity of two - year journey, interdependencies with a risk - based strategy and supporting business case. Board level reporting with easy - to - understand risk ratings, where investment is paying off and hotspots. 180 degree cultural shift to proactive, positive assurance, ultimately reducing audit issues. Automation efficiencies, centralized access to standardized vendor ratings and improvement areas. Case Study: Solution Details © 2019 Edgile, LLC – All Rights Reserved edgile.com Strategy & Roadmap 1 Risk Register 2 IT Controls 3 3 rd Party Risk Management 4 Powered by ServiceNow: Policy and Compliance | Risk | Audit | Vendor Risk Management | Performance Analytics Premium Edgile Practice Leaders Central David Deckter Partner (312) 371 - 6363 david.deckter@edgile.com East Geoff Hauge Partner (646) 469 - 9008 geoff.hauge@edgile.com West Brian Rizman Managing Director (908) 489 - 3293 brian.rizman@edgile.com

Articles in this issue

Links on this page

view archives of Case Studies - BannerHealth Case Study