In particular, the society asked PwC to help it produce a gap analysis against a recognised industry standard, bench marked against industry peers, so it could assess the state of its systems and processes and the extent of its cyber security risk. It would also need help in designing and implementing a new information security target operating model and project plan that would build controls aligned to ISO 27001:2013. To aid this process, the society asked that a Chief Information Security Officer
PwC had previously worked with the society, so it was able to build on its previous knowledge to deliver outstanding results on this project, using a multi-disciplinary team from the regional Cyber Practices. The strength of the skills of its team, coupled with its understanding of the values that are important to the society, created a strong working relationship.
The society was been extremely pleased with PwC’s work, which will leave it in a far stronger position than at the beginning of the project. An incoming Chief Information Security Officer has now taken charge, and thanks to the level of trust and respect formed, PwC will continue to work with the society in the future.