SITUATION
A Canadian financial services organization was looking to streamline their privacy and security program to better align with regulator expectations. The organization had a growing business with a wide range of privacy and security policies in place but was lacking a unifying framework to tie the policies and procedures together. FTI Cybersecurity was retained to unify the organization’s privacy and security program, and to map the policies and procedures to applicable regulatory requirements.
OUR ROLE
FTI Cybersecurity began by assessing the current state of the organization’s privacy and security program. Once the team had a thorough understanding of the program, they quickly began reorganizing the mix of policies and procedures into one overall framework. FTI Cybersecurity identified all relevant regulatory requirements and inserted mapping into the policies and framework to reassure the organization that all applicable regulations were appropriately addressed within the policies and procedures.
OUR IMPACT
FTI Cybersecurity delivered a clear and concise set of policies and procedures that incorporated all of the organization’s applicable regulations. The FTI Cybersecurity team also assessed new and pending regulatory requirements, and addressed these upcoming requirements in updated versions of the policies and procedures.