Corix Partners grey banner

The Asset Management Division of one of the Largest French Insurance Groups

Corix Partners (in collaboration with a local associate firm and its teams) assisted the incoming Head of Legal and Compliance in the assessment of the security maturity of the organisation

Read More

Working closely with all stakeholders across the firms and its parent organisation, we benchmarked existing security practices against industry standards, measured maturity and risk posture, and proposed ameliorative scenarios based on our findings. We analysed the strenghths and weaknesses of the pre-existing organisational arrangements and made recommendations on how to evolve the team structure to match the challenges the company was facing.

A Leading FTSE100 Global Software Firm

Corix Partners assisted the firm in the definition, validation and piloting of an Information Risk Management Model in response to senior stakeholders concerns at C-level.

Read More

Working closely with IT, Risk and Assurance teams, we defined a set of controls catalogs covering all key aspects of the organisation’s information assets, and matched those to a pre-existing set of key threats. We assessed a selected set of 10 systems against those controls catalogs, measured the associated risk profile and reported results to senior management.

A Leading Public Investment Authority in France

Corix Partners (in collaboration with a local associate firm and its teams) assisted the Head of Compliance and Internal Controls in the definition and implementation of a “second line of defence” control function focused on Information Security

Read More

Working closely with the IT and Compliance teams, we first performed an assessment of the IT security maturity of the firm. We led the definition and validation of a controls plan for the IT department, and its first application through a full annual controls cycle. We remained directly involved for over two years; we assisted the Compliance department in the structuring of its IT Controls function and the recruitment – and ongoing coaching – of a team leader.

A FTSE 100 Leader in the Travel & Leisure Industry

Corix Partners assisted the newly appointed Head of IT General Controls, Security & Compliance in the definition and communication of a new Target Operating Model for his Information Security practice.

Read More
Working for the newly appointed Head of IT General Controls, Security & Compliance, we defined and validated a Target Operating Model for Information Security, including a detailed functional architecture for the function across the Group, and we assisted him and his team in communicating the new Target Operating Model to the Global team through the facilitation of a specific workshop.

A major UK domestic Logistics Group and Historic Sector Leader

Corix Partners assisted the newly appointed Head of Information Security in restructuring her team and building a strategic framework and vision for her practice (including the definition of a Threats & Controls based Information Risk Management Methodology, and a model for embedding the Information Security practice in the broader Group Security & Privacy context)

Read More

Working for the newly appointed Head of Information Security, we examined the current Information Security strategy, purpose, organisation, projects & priorities. In a context of complex internal inter-actions, we proposed recommendations to develop a Group-wide Governance Model for Information Security and a revised mission statement & organisational backbone for the Information Security practice, together with short & mid-term strategic objectives.

We remained involved in the delivery of short-term organisational objectives and in defining a Threats & Controls based Information Risk Management Methodology. We provided direct ongoing staff assistance to the Head of Information Security in terms of Business Management, external recruitment of new staff, and the technical Security coaching of part of the team.

One of the largest listed leading Alternative Investment Firm and Global Hedge Fund

Corix Partners assisted the Group CIO in the full strategic restructuring of the Firm’s Information Security practice and the definition & delivery of a 3 years strategic transformation programme. We remained involved throughout the period at different levels, enabling the Head of Information Security to deliver operational and organisational stability in his area, in the context of growing cyber threats and a complex merger that drove very significant management and strategic changes.

Read More

At the request of the CIO and the COO Technology Group, we performed a top down assessment of the Group Information Security practice against published FSA Good Practices in that domain, and positioned the risk posture of the Firm against a number of key risk scenarios. We presented our results to senior management and were asked to define a 3 year strategic plan to transform the practice towards greater maturity.

We provided direct assistance in structuring the team and setting in motion a number of key technical initiatives. We remained involved for over 3 years in very close cooperation with the Group Head of Information Security, providing staff assistance in the field on key topics (including critical technical areas such as Identity & Access Management), supervising the overall delivery of the security transformation programme, making sure it stayed on track, and mentoring the Information Security team.

The Trading division of a Major UK Retail Bank

Corix Partners assisted the division CIO in the restructuring of part of the Bank’s Information Security practice in a complex post-merger context.

Read More
Working for the CIO of the Wholesale Markets & Treasury Trading division and a senior member of his management team, we performed a review of the departmental Information Security organisation in a post-merger context, and examined strengths and weaknesses of the Information Security practice in terms of activities, staffing levels, culture, governance and integration within the Group. We proposed a number of key directions to improve Security operations at large across the division, assisted in the recruitment of new staff members, and were called back to define a new Target Operating Model and Organisational Structure for the Information Security departmental team.