By Ray Vazquez on March 13, 2022
Demonstrating compliance to the NIST 800-53 security framework for cloud implementation.
The Challenge
A newly established financial services firm was required to create and operate a new GRC program and demonstrate compliance to the NIST 800-53 security framework prior to go-live with its production platform. The financial services firm was establishing its platform in the Cloud and thus was required to demonstrate full compliance with its cloud implementation.
Vertex11’s Role
- Designed, implemented, and operationalized the GRC program
- Created the policies and procedures for the security program
- Collaborated with compliance, technology, and the cybersecurity team to design an initial set of controls
- Configured templates for evidence of the controls, demonstrating design and operational effectiveness
- Developed training for the policies and procedures and new controls
- Established the program office to coordinate the evaluation of internal controls by an external auditor
- Supported on-time compliance with the firm’s aggressive timelines
Success Story
The firm was able to establish the design and operating effectiveness of controls, which permitted a highly successful go-live of its platform. They were so pleased with the process they asked members of the Vertex11 team to join the firm at the end of the engagement. Some accepted, permitting a sustainable program to continue past the go-live.
The Vertex11 Advantage
If this financial service firm would have enlisted one of our competitors they wouldn’t have been able to move as quickly and their go-live would likely have been delayed. As always, we had our most talented and experienced team on the job so we had everything mapped out from start to finish to avoid any uncertainty. Some of the traditional industry consultants would have put a more junior team on this initiative to maximize their resources and billings, resulting in more uncertainty and rework.
Learn more about Vertex11’s Cybersecurity.