IT Controls and Risk Assessments

After a major loss-event, a European head-quartered global bank approached Citihub to help improve their level of IT control and risk management by implementing a bank-wide certification process covering the whole IT estate. The bank was at the time under intense regulatory scrutiny, not least from a high profile rogue trader incident. Because of this, the initiative had aggressive implementation [..]

Case Studies

Citihub Consulting has built an excellent reputation helping every kind of financial institution solve complex business and technology challenges. The skills and expertise developed in our engagements have proved highly relevant in delivering successful large-scale projects in other sectors, including government, education, legal, gaming & healthcare services.

IT Controls and Risk Assessments

Design and Implementation of Bank-Wide Controls for Global Bank

Customer Challenge

After a major loss-event, a European head-quartered global bank approached Citihub to help improve their level of IT control and risk management by implementing a bank-wide certification process covering the whole IT estate. The bank was at the time under intense regulatory scrutiny, not least from a high profile rogue trader incident. Because of this, the initiative had aggressive implementation timelines, a very high profile and was politically charged.

How Citihub Consulting Helped

Citihub provided a team of 12 highly experienced consultants with a blend of audit, banking application architecture and process expertise. The banking experience of the application architects and process consultants allowed us to reshape the in-flight project to make it more relevant and efficient to its end users, thus ensuring success of adoption. We also identified >50 controls falling between the gaps in the existing approach during quality assurance. The repeatable process included a catalogue (listing in-scope controls), process documentation, assessment tooling and operating model, central analysis and reporting, and mobilisation and tracking of remediation activities. The process was defined and deployed successfully across 3,000 IT controls with assessment repeating quarterly. Once the assessment had been successfully piloted and implemented, Citihub helped to define an ongoing service which was transitioned to an internal off-shore service centre.

Download this Case Study

Client Benefits

Improved IT control and risk management
Regular quarterly risk assessment implemented across 3,000 IT controls.
Regulatory remediation
Successful implementation of the assessment service within planned timeframes helped the bank to manage intense regulatory and audit scrutiny.
Quality, consistency & relevance
Citihub ensured that the process was relevant to its users and that data quality was managed through the lifecycle thus improving its adoption, accuracy and consistency. The mind-set of users changed from a perception of this being ‘done to them’ to an acceptance of it being ‘done by them’.
Sustainable processes and tooling
Citihub’s knowledge of the bank, and of banking practices in general were applied to the processes and toolset ensuring successful integration within the bank.
Incremental step-change reductions in cost of ongoing service
Citihub immediately reduced the bank’s consulting costs when engaged and worked proactively with the client to manage a transition to an internal lower cost service centre, ensuring that the bank implemented a sustainably successful solution while being cost effective.