下载PDF
Major Telecom Company Accomplishes Security Compliance in 18 Months
技术
- 应用基础设施与中间件 - 数据交换与集成
- 网络安全和隐私 - 安全合规
适用行业
- 电信
适用功能
- 商业运营
用例
- 网络安全
- 监管合规监控
服务
- 系统集成
挑战
The telecom company was given a mandate by its board to create a broad-reaching governance, risk and compliance (GRC) program managing everything from audit and compliance to third-party risk and business continuity. The company faced a number of challenges, including a staffing shortage, customer demands, a dynamic regulatory environment and the off-the-grid nature of Alaska. They relied on spreadsheets, email and tribal knowledge for a patchwork compliance program, and lacked a comprehensive view of real risk areas. The Board requested the new GRC program to be up and running in 18 months.
关于客户
The customer is a major telecom company based in Alaska. The company was facing a number of challenges including a staffing shortage, customer demands, a dynamic regulatory environment and the off-the-grid nature of Alaska. They relied on spreadsheets, email and tribal knowledge for a patchwork compliance program, and lacked a comprehensive view of real risk areas. The company was given a mandate by its board to create a broad-reaching governance, risk and compliance (GRC) program managing everything from audit and compliance to third-party risk and business continuity.
解决方案
To build a security compliance program, the telecom company hired a seasoned CISO with experience building similar programs. The company then formed a GRC team to integrate the entire GRC ecosystem at once. They chose NAVEX IRM, NAVEX ’s GRC platform, which is designed for integrated risk management. NAVEX IRM delivered on the company’s needs; namely, a collaborative tool with automation and functionality specific to the company’s use cases. Once data is in NAVEX IRM, it becomes actionable information that is then reported to business units to help them take action or make an informed decision. The GRC team was able to take a lifecycle approach to security compliance. It started with a controls framework design that lead to a current state assessment, followed by risk prioritization, remediation and reporting, with ongoing maintenance and, when necessary, updating the framework. NAVEX IRM supports every stage of this lifecycle.
运营影响
数量效益
相关案例.
Case Study
Vodafone Hosted On AWS
Vodafone found that traffic for the applications peak during the four-month period when the international cricket season is at its height in Australia. During the 2011/2012 cricket season, 700,000 consumers downloaded the Cricket Live Australia application. Vodafone needed to be able to meet customer demand, but didn’t want to invest in additional resources that would be underutilized during cricket’s off-season.
Case Study
SKT, Construction of Smart Office Environment
SK T-Tower is the headquarters of SK Telecom. Inside the building, different types of mobile devices, such as laptops, smartphones and tablets, are in use, and with the increase in WLAN traffic and the use of quality multimedia data, the volume of wireless data sees an explosive growth. Users want limitless Internet access in various places in addition to designated areas.
