“Fix it by February 1 or face a fine.”
That’s the challenge a large North American bank was facing late last fall after a regulator told them they needed to improve their risk assessment process. Faced with a looming deadline and not enough internal Archer resources, they turned to Iceberg to get the job done.
The bank needed to improve their end-to-end risk and control assessments for monitoring applications and infrastructure in order to pass a regulator’s audit. They already had a solution in place using RSA Archer for control assessments, but needed to add in the risk assessment piece as well. With a looming deadline (and Christmas holidays coming up), the task looked daunting for our customer.
How we helped
Iceberg sent in our “A-Team” of Archer specialists to get the job done. We started in early November with a review of the requirements. We helped our customer prioritize which ones were the most important to satisfy the regulator, and mapped out a plan to implement the most time-sensitive tasks first.
We used a fast-tracked version of our Solution Lifecycle Management (SLM) process for Archer configuration, which builds in quality management throughout the process to minimize lost time during the later testing and UAT stages. This project went down to the wire, with a few late nights and weekends thrown in, but in the end it went to production on time, under budget, and with minimal defects to work out as we got near the final buzzer.
Next up we’ll be implementing the less time-sensitive requirements, and by the end of April, our customer will have their risk & control assessments completely revamped from where they were back in November.
That makes for a happy customer, and a happy regulator.
If you’d like to chat about our SLM process, or about how our Archer team can help augment your internal resources, give me a shout at firstname.lastname@example.org