| | March 202019CIOReviewcomplex projects, and to help clients manage risks more effectively through the implementation of audit programs that measure, monitor and report internal control performance. At the core, the company brings in its deep experience, technical knowledge, and a history of delivering tangible results to strengthen cybersecurity and compliance programs.ITEGRITI's approach to cybersecurity begins with developing an understanding of the client environment through a risk-based evaluation and review of the existing program, internal controls and performance, and technology investments. "We are software and hardware agnostic and help identify the right solutions by considering tools already owned as well as the overwhelming number of products in the marketplace," notes Sanchez, President at ITEGRITI.ITEGRITI designed compliance programs embed the compliance tasks within the operational procedures to clarify responsibilities and support organizational adoption. "ITEGRITI's approach provides our clients with a process to measure, monitor, and report the operational effectiveness of their internal controls," adds Sanchez.One of the largest utility companies in the U.S. came to ITEGRITI with a growing list of cybersecurity, compliance, process improvement, training and organizational change management concerns but did not have internal resources available for timely completion of tasks. ITEGRITI reviewed the list, identified dependencies and critical path, anticipated level of effort, and organizational priority. They were then contracted to lead and help complete items on this key task list. Through ITEGRITI's trusted counsel and close collaboration with the employees, vendors, and other contractors, the client was able to manage their efforts and complete items on their key task list in an agile fashion.The uniqueness of ITEGRITI's integrated services stems from its ability to deliver a range of crucial functional support and personalized managed services for companies that lack the resources, time, or expertise to handle them, but have recurrent needs on compliance and cybersecurity streams. The company's `as a service (aaS)' models--Chief Information Security Officer (CISO) aaS and Compliance aaS--provide critical support for clients and help them choose specific services that meet their budget and needs.ITEGRITI plans to expand its investment in processes and tools. Their processes follow an approach that mirrors NERC audit and data requests, and they utilize a relational, multi-user database during audit preparation engagements to manage data requests, workflows, reviews, and disposition with reports that dynamically provide Data Request status. The company's future roadmap also includes geographic expansion to better serve clients by utilizing cost-efficient and local resources. Michael Sanchez
<
Page 9 |
Page 11 >