Programme Managed introduction of new IT solutions for Aviva Investors to comply with Group policies and meet Sarbanes Oxley (SOX) Regulations.
The objective of the programme was to achieve compliance with Aviva Group’s Information Security and Information Technology policies. This was part of a wider strategy for all businesses within the group to operate to the same standards and meet Sarbanes Oxley compliance requirements
We were engaged to prepare a strategy, programme of works and budget to achieve this objective within pre-determined timescales and to programme manage its implementation
A four-phase programme of work was designed to:
- Determine existing gaps, assess where technology should be used cost-effectively, and define an Organisation model to support changes in process and increased IT governance
- Prove the technology solutions chosen
- Deploy new technology and improved processes across all financial and investment system (phase 1 rollout)
- Deploy across remaining systems (phase 2 rollout)
Technology solutions were deployed to cover access provisioning, password management, logging & monitoring, intrusion prevention and server patching
The first three phases were successfully delivered on time and budget to attain compliance with the policies. Phase 4 was handed over to an internal manager to complete