Global Energy Business - Technology Compliance Programme

Client issue

Our client required support to run a large-scale technology remediation programme to risk assess and implement controls over their application and infrastructure estate.

PwC approach

We worked with our client to understand the challenges to date and then set out a programme plan, embedding our operational excellence practices, that would enable successful set-up and scale to tackle remediation that would work right first time, every time. Our team, including SME and operational experts, performed a number of activities to support the overall success of the programme, including:

  • Reaching out to business application / technology owners to perform and / or support risk assessment;
  • Conducting assessments against global standards, e.g. ISO27001 and NIST 800-53;
  • Performing Quality Assurance over self-assessments to validate the accuracy of risk ratings over applications;
  • Performing testing and validation over the control framework implemented;
  • Managing and accepting deviation from the mandatory control framework; and
  • Analysing and monitoring successful remediation of IT control findings, reporting back to senior stakeholders.

Outcome and benefits to client

Our assistance has helped our client to understand the risk profile of their technology estate and to implement remediation plans where necessary. Our involvement allowed us to drive a consistent, centralised approach across many different business units and locations, and to ensure that insights and best practice were adopted to gain maximum value for the business.

Contact us

Lyn Trimble Carson

Director, Compliance Testing, PwC United Kingdom

Tel: +44 (0)7718 864880
