Operational Risk Management: Effective agile 2nd line of Defense support!

The Moralit’s  specialties are all part of Operational Risk Management (ORM) activities. Basically, ORM provides 2nd line of support for the 1st line by helping them with compliance and business requirements: See e.g. https://moralits.com/homepage/pro-active-auditing/.

Also, ORM or the 2nd line of support facilitate 3rd line of support audits and help them with testing and, therefore, providing quality evidence – where auditors can rely on – in order to reduce audit throughput time, See e.g. https://moralits.com/homepage/automated-audits/

Often, when authorities like ECB/ EBA, or other regulators like those of the USA, UK, Singapore or Hongkong have specific – IT Related – requirements, the ORM function maps those requirements to usefull control-sets for the 1st line of support: https://moralits.com/compliance-mapping/

The ORM function uses Powerfull Governance tools like BWISE, Dell Technologies (RSA), IBM or even ServiceNow. Often – via workflow, in conjunction with both 1st and 3rd line parties. Moralits consultants have a lot of experience in using, implementing and effectively configuring these types of GRC tools. See e.g. https://moralits.com/grc-tooling/

For Moralits, IT Security Management link ORM consist of Access Management (e.g. Automated provisioning, defining user and group roles/ profiles and Segregation of Duties) and Monitoring (e.g.: Automate monitoring of user events, machine/configuration settings (changes.) Vulnerability Management and Penetration Testing / Ethical Hacking): https://moralits.com/it-security-management/

However, still a lot of ORM work is done via MS Excel or MS Access (or similar). Are those self-made spreadsheets and DB’s secure? accurate? confidential? complete? Moralits can help you with powerful spreadsheet security! e.g. https://moralits.com/homepage/spreadsheet-security/