|
Citicus’ risk management software
has been chosen by The Scottish Government’s
Improvement Service (IS), for its Customer First programme, to pilot a
standard for identification, recording, management and reporting of
risk. As well as reducing the likelihood and impact of threats and
incidents, Customer First’s risk, compliance and regulatory obligations
can now be managed efficiently - within a central location.
Tom
McHugh, Customer First’s Programme Manager explains:
“The increasing complexity of technological change, growing number of hosted systems
and the large number of people and organisations involved, meant that managing threats and implementing the required controls was becoming an even greater challenge. Significant
reputational damage, with a consequent lack of confidence in our systems by the public,
is a very real possibility if threats are allowed to materialise.”
Carol Peters, the Customer First Programme Security
Advisor says:
“The lack of a single risk management solution was
causing operational and security risks in its own right. I was looking for a risk management solution that would address
one of our biggest issues which was the ability to prove how our
security and privacy design features comply with the increasing number
of legislative, regulatory and policy obligations for privacy and
security within the public sector.”
Citicus ONE
was employed to improve risk identification and management for the
different systems and programmes within Customer First. The initial
focus was on its Citizen Account Records System, OneScotland Gazetteer
database and Customer Service Professional, supporting an accredited
training and qualification scheme.
Customer First's 'risk owners' participated in risk
workshops using Citicus ONE's
succinct criticality assessments and risk scorecards to help them
measure risk and compliance of their individual programmes in an
objective and consistent way.
This enabled Customer First’s management team to collate and
report information about risks from the different interdependent
elements of the overall programme.
The highly visual, informative results, generated by
Citicus ONE include risk and
compliance status reports, heat maps, dependency risk maps, risk
dashboards, risk league tables and action plans.
The software’s multi-level reporting, from high-level executive
summaries - to a detailed technical level, ensure that all Customer
First’s management are kept informed of the status of risk and
compliance in their areas of responsibility.
The Improvement Service now has a standard for
identification, recording, management and reporting of risk, within a
central location - across the whole Customer First Programme.
More control of how risk is managed across the programme can be
provided and how risk in one area may potentially impact another.
Carol Peters adds:
“With its strong pedigree in information assurance,
Citicus ONE was a valued choice.
Not only does it provide an important centralised single
framework, but it also provides a fast and easy solution to responding
to compliance requests. The
reporting structure allows reports to meet various requests at both
summary level - down to a more detailed analysis of a particular type of
risk.”
About the Improvement
Service
The Improvement Service (www.improvementservice.org.uk) was set up in 2005 to help
support improvements in the efficiency, quality and accountability of
local public services in Scotland by providing advice, consultancy and programme support to councils and
their partners. Managed by the Improvement Service and in partnership
with Scotland's 32 Scottish local authorities, Customer First aims to deliver 'first time'
public services by re-designing them around customers' needs. The
programme supports the principles of: easier-to-access, better
integrated, local services; effective collaboration across the public
sector; better use of public resources and high standards of public
service.
About Citicus
Citicus Limited was formed in 2000 by Simon Oxley, Sian Alcock and Marco Kapp. The company provides world-class automated risk management tools that have been implemented in public and private sector enterprises of all sizes around the world, and helps customers implement them successfully. Our flagship software, Citicus ONE, enables organizations to measure and manage the risk posed by the entire range of assets, entities, processes and activities on which they depend, using a methodology that reflects 20 years of research into the factors that drive risk up or down and those which make risk programmes successful.
For more information, contact:
Simon Oxley, Marco Kapp or Sian Alcock, Citicus Limited
Tel: +44 (0)20 7203 8405
Email: info@citicus.com
Nick Hall, Citicus media relations
Tel: + 44 (0)7949 111174
Email:
media.relations@citicus.com
Back to News
|
