After an internal assessment, the client identified operational inefficiencies and gaps against regulatory standards for 3rd party management which posed a serious legal and reputational risk to the firm.
This also led to potential unnecessary costs within IT and business as they could be paying for software or services for which they currently do not need/use.
The Client has introduced a policy to ensure they are only using software and services that they have a legal right to use and is supported by the manufacturer. This is to ensure they remain compliant with the contractual agreements they have with the software manufacturers and vendors to avoid fines and potential legal action.
In this context, TORI was requested to perform a deep-dive analysis and remediation actions to mitigate these risks. Some of the most relevant activities of this project were: