Governance


Definition and strategic planning

Organization, process engineering

Technological surveillance

Services catalog

Procurement strategies

Contractual modeling

Monitoring and performance dashboards

Risk Management

 

Risk analysis, impact analysis, audits

Security and continuity policies and guidelines

Continuity procedures and plans, crisis management

Security strategies

Implementation of security measures

Training and awareness

Risk and security indicators

Compliance

 

Assessments of normative, regulatory or legal compliance

ISO 9001, ISO 27001, ISO 22301, ISO 20000-1 standards

Compliance with FINMA, LPD, GDPR, data protection laws & regulations

Quality, Information Security, Business Continuity Management Systems

Compliance indicators

 01

Support strategic planning

by establishing a continuous process of design and implementation of corporate decisions on governance, security, information systems and compliance

 02

Optimize organizational structures, and define roles and responsibilities

by business process engineering, design and implementation of structures that meet strategic needs, service alignment and human resources incentive mechanisms

 03

Analyse and manage risks and impacts

through audits, threat and vulnerability identification, risk qualification, assessment of business impacts and proposal of risk treatment measures

 04

Develop skills & competencies

including educating employees on the principles and rules in relation to management and operation of information systems, business continuity, security and quality (BCI Good Practices Guidelines, ISO 27001, ISO 22301, ISO 20000, ISO 9001)

 05

Assess compliance and present gap analysis

through compliance audits, definition of indicators, development and implementation of compliance dashboards

 06

Enforce asset management

by establishing inventories and monitoring systems of information assets, tangible or intangible; definition of deployment, use, maintenance and disposal rules

 07

Establish incident management

by designing and implementing the organization and processes for identification, analysis and treatment of information security and business continuity incidents

 08

Manage business continuity

through the design and implementation of a framework (organization and process) necessary for the prevention, response (crisis management) and recovery in case of disaster

 09

Support implementation of management systems

by designing the organization, policies and guidelines for achieving quality objectives (ISO 9001), information security objectives (ISO 27001), business continuity objectives (ISO 22301), services management objectives (ISO 20000-1), or environmental objectives (ISO 14001)

 10

Maintain legal and regulatory compliance

by establishing the organization and measures required for regulatory and legal surveillance and compliance (FINMA, LPD, GDPR, international data protection laws and regulations)

 11

Evaluate and select service providers and manage the relationship

by preparing and managing requests for proposals and the formalization of supplier/customer relationship models, definition of service level agreements and contractual management

 12

Identify opportunities to improve operational efficiency

by supply chain optimization and process reengineering

 13

Assess and rescue projects in crisis

by clarifying requirements, redefining the project charter, the planning and the resources as well as governance model and staffing adjustments

 14

Support change management

through a communication plan, impact analysis, training and awareness campaigns