Cyber Security Risk Framework Assurance – UK Building Society

Client Challenge

The Society, as part of its BAU operations, required support to augment its IT Risk team, orientated to Cyber Security and IT Controls.

The Society faced significant challenges in maintaining a robust IT security and risk management framework as part of its BAU operations.

The rapidly evolving landscape of cyber threats, combined with increasingly stringent regulatory requirements, placed considerable pressure on the Society’s IT Risk team to ensure the security and integrity of its information systems and data assets.

What We Did

As part of the support, the TORI team conducted activities such as:

  • Analysis of the existing Cyber Risk Framework, policies and procedures, KRIs and other elements established by the organisation
  • Perform analysis of exposed vulnerabilities and provide information related to potential threat vectors
  • Support other BAU activities related to IT control & Risk in supporting 2 LOD

Outcome & Results

As a result of the engagement, the client obtained:

  • Key findings report on the maturity of the cyber risk management framework
  • Recommended next steps to address risks related to the management and reporting of cyber risks
  • Early warning identification of leaked data to the dark web and follow on recommendations to the client on ransomware prevention
  • Support for ongoing 2nd and 3rd line of defence IT Risk & Cyber Security BAU queries and activities as requested

Share on LinkedIn