CHALLENGE
When the data center operations department of a securities brokerage firm received
the results of an external operational audit, the managers were unsure as to how they should
respond to the comments on the audit.
SERVICE
An MCS consultant reviewed the audit comments and their implications with the
department managers. The review included discussions with the managers on the role of the
auditors to identify operational vulnerabilities versus the role of the manager to decide the level
of vulnerability that is or is not acceptable. Each of the audit comments was evaluated as to
the probable and possible exposure of the firm and the estimated cost of reducing the
exposure. A formal response was then prepared for each comment and presented to
corporate management.
RESULTS
Corporate management approved each response and included funding in the following
budget cycle for all of the proposed remedies. The remaining exposures that the department
managers decided not to remedy were placed on an on-going action list for periodic
review.
to return to Service Highlights.