The customer is a privately-owned company that specializes in providing data center and cloud computing services. They are renowned for operating one of the largest multi-tenant, carrier-neutral data centers in New England. Recognizing the importance of security and compliance, the client awarded Orion a multi-year contract to conduct security risk management assessments and internal audits for ISO 27001 and ISO 27701, as well as prepare for external audit certifications.
Challenge
The customer faced the challenge of limited internal resources to handle the specialized tasks involved in ongoing cybersecurity and privacy compliance. Their objective was to reduce annual costs while maintaining a high level of security and privacy compliance.
Solution
Orion addressed this challenge by deploying a professional team equipped with expertise in standards-based risk management, cybersecurity, and privacy. The team conducted a comprehensive asset-based risk assessment, carefully reviewed end-to-end policies and procedures, and performed a thorough gap assessment. These activities were undertaken to ensure that the client’s business operations were secure, compliant, and prepared for external audits.
Impact
The Orion Risk Management team successfully identified various issues through their findings and provided the client with valuable insights and recommendations to address these issues effectively. As a result, the client was well-prepared to navigate and pass their external audits and certifications. Additionally, the client benefited from cost reductions and freed up internal resources, allowing them to focus on their daily operations with enhanced focus and efficiency.