Outsourced Risk Manager
Building and Managing Client's Technology Risk Function
The client, MO is an established solutions vendor for risk and regulatory reporting. Over the last few years, its solutions have expanded to provide Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) in addition to its traditional on-premise product. MO must meet different regulatory and control requirements for its on-premise and cloud environments. Managing technology risks for both platforms requires the involvement of experienced senior risk management professionals. The client did not have enough resources and capabilities in-house to manage its technology risks in the cloud. As such, they decided to outsource this to Pragma's Risk and Compliance Consultant to support the technology risk management process for their cloud solution.
Pragma's Risk and Compliance Consultant provided expertise as and when required, from day-to-day risk management tasks to driving risk management strategy. Our activities include:
- Conduct risk reviews, maintain the risk register, assess new risks, and facilitate quarterly risk management meetings
- Led a special project to establish policies and provide training related to sensitive data segregation
- Assess use of tools to enhance automation on managing risks
MO also entrusted Pragma to support its other business functions, such as:
- Coordinate MO's business continuity and disaster recovery activities for its cloud business
- Support the CSO function for security initiatives and requirements, such as creating cyber incident plans
- Coordinate audit activities
Outsourced risk has yielded significant time and cost savings for MO as they can tap onto a pool of experienced resources as and when required. MO also demonstrated compliance to relevant regulatory and industry standard requirements pertaining to risk management.