Governance

Governance definition and strategic planning

Organization, process engineering

Technological surveillance

Procurement strategies

Contractual modeling

Monitoring and performance dashboards

Risk Analysis

 

Risk analysis, impact analysis, audits

Security and continuity policies and guidelines

Continuity procedures and plans, crisis management

Security strategies

Implementation of security measures

Training and awareness

Risk and security indicators

Compliance

 

Assessments of normative, regulatory or legal compliance

ISO 9001, ISO 27001, ISO 22301, ISO 20000-1, ISO 31000 standards

Compliance with FINMA, LPD, GDPR, international laws & regulations

Quality, Information Security, Business Continuity Management Systems

Compliance indicators and dashboards

 01

Support strategic planning

by establishing a continuous process of design and implementation of corporate decisions on governance, security, information systems, compliance

 02

Optimize organizational structures, and define roles and responsibilities

through business process engineering, and the design and implementation of structures that meet strategic needs, service alignment and human resources incentive mechanisms

 03

Provide risk analysis and management services

through audits, threat and vulnerability identification, risk qualification, business impact assessment and proposal of risk treatment measures

 04

Develop skills & competences

including awareness campaigns for C-level individuals and employees, and education on the principles and rules relating to information security, business continuity, data protection and quality (BCI Good Practices Guidelines, ISO 27001, ISO 22301, ISO 14001, ISO 9001, ISO 31000, GDPR, CISSP, CISM, CISA)

 05

Assess compliance and present gap analysis

through compliance audits, definition of indicators, development and implementation of compliance dashboards

 07

Manage information security and data protection

through the development and implementation of information security processes, risk assessments and deployment of security controls

 08

Manage business continuity

through the design and implementation of a framework (organization and process) necessary for the prevention, response (crisis management) and recovery in case of disaster

 09

Support implementation of management systems

by designing the organization, policies and guidelines for achieving quality objectives (ISO 9001), information security objectives (ISO 27001), business continuity objectives (ISO 22301), service management objectives (ISO 20000-1), or environmental objectives (ISO 14001)

 10

Maintain legal and regulatory compliance

by establishing the organization and measures required for regulatory and legal surveillance and compliance (FINMA, LPD, GDPR, international laws and regulations)

 11

Evaluate and select service providers and manage the relationship

by preparing and managing requests for proposals, formalizing supplier/customer relationship models, defining service level agreements and managing contracts

 12

Identify opportunities to improve operational efficiency

by supply chain optimization and process reengineering

 13

Assess and rescue projects in crisis

by clarifying requirements, redefining the project charter, planning and resources, and adjusting the governance model and staffing

 14

Support change management

through a communication plan, impact analysis, training and awareness campaigns
