| ITSM fine tuning with SOX compliance |
| |
| The idea |
| SOX has become a compliance requirement. IT organizations have to redesign their IT governance and IT delivery processes to implement the necessary controls specified in the standard. Mature ITSM service delivery processes can be tuned, with the right amount of effort and impact, to implement the required IT controls. |
| |
| The client |
| The client is a large multilateral banking organization based in the US. The ITSM fine tuning was successfully carried out by the Operations Excellence practice for the Treasury banking unit of the bank. |
| |
| The business challenge |
| A Big 4 audit firm had identified the key applications impacting SOX compliance and the associated ITGC key control objectives and activities. It was a significant challenge to leverage the best practices from ITIL / BS15000, BS7799/ISO17799 and CMMI while also ensuring compliance with the IT controls for SOX requirements. |
| |
| The solution |
| The Operations Excellence practice reviewed and validated the ITGC key control objectives and activities. A detailed gap analysis (Discover) of IT processes against ITIL, BS 15000, BS7799 and CMMI was conducted. Business and operations processes with SOX controls and risk management were defined using a process documentation tool. A strategy was defined for SOX compliance through optimal, value-adding deployment of best practices. |
| |
| Business benefits |
 |
Internal controls compliant with SOX are in place
 |
Integrated interrelationship between functions within IT such as application development, IT Infrastructure and IT Security

Clear roles and responsibilities for the IT organization
 |
Defined and identified key performance metrics