After an internal assessment, the client identified operational inefficiencies and gaps against regulatory standards for third-party management which posed a serious legal and reputational risk to the firm.
This also led to potential unnecessary costs within IT and business as they could be paying for software or services for which they currently do not need/use.
The Client has introduced a policy to ensure they are only using software and services that they have a legal right to use and is supported by the manufacturer. This is to ensure they remain compliant with the contractual agreements they have with the software manufacturers and vendors to avoid fines and potential legal action.
What We Did
In this context, TORI was requested to perform a deep-dive analysis and remediation actions to mitigate these risks. Some of the most relevant activities of this project were:
- Created an on-boarding form for all identified software which can pass internal and external audits (1100 + software)
- Gathered requirements of identified software and analysed how it is being used by the Client
- Analysed the licence agreements, focusing on how many licences the company has vs Number of users with access to the software
Outcome & Results
- Reduced exposure to undesirable risk and loss of reputation
- Increase in control of their current licence management policies
- Increase in control of their access management processes
- Cost saving via not renewing unnecessary software contracts
- As a result of all the onboarding and renewals, TORI help the client to save £245k in 1 year and has enabled the Client to address compliance issues