We helped a client with their Identity and Access Management (IAM) audit remediation, where we:
- Set up, and ran the workstream structure, developing a six-step control development process to align with external audit testing methodology;
- Provided expertise in challenging topics such as privileged access management and Joiner/Mover/Leaver (JML) processes;
- Wrote and agreed control blueprints with the client’s external auditor, including extensive evidence documentation;
- Tracked and managed the external auditor’s feedback comments;
- Coordinated efforts and managed stakeholder engagement across multiple business and technology teams; and
- Identified other security risks and issues beyond the scope of the external audit, for the client’s consideration to further strengthen the client’s environment.
We were chosen through a further RFP process to continue supporting the client in the next phase of the delivery.