Client: Aviva Investors (formerly Morley Fund Management)
Role: Compliance with Information Security and IT Policies – Project Management
The objective of the programme was to achieve compliance with Aviva group’s Information Security and Information Technology policies. This was part of a wider strategy for all businesses within the group to operate to the same standards, and meet Sarbanes Oxley compliance requirements
MSPSL were engaged to prepare a strategy, programme of works, and budget to achieve this objective within pre-determined timescales and to programme manage its implementation
A four phase programme of work was designed to:
-
Determine existing gaps, assess where technology should be used cost effectively, and define an Organisation model to support changes in process and increased IT governance
-
Prove the technology solutions chosen
-
Deploy (Phase 1 rollout) new technology and improved processes across all financial and investment systems
-
Deploy across remaining systems (Phase 2 rollout)
Technology solutions were deployed to cover access provisioning, password management, logging & monitoring, intrusion prevention and server patching
The first three phases were successfully delivered on time and budget to attain compliance to the policies. Phase 4 was handed over to an internal manager to complete