01.
The Challenge
An athletic apparel retailer with 450+ brick-and-mortar stores and a robust online presence sought an independent provider to design and execute cybersecurity internal audits focused on Identity & Access Management (I&AM) and VPN/Remote Access.
02.
What We Did
RGP developed and executed a comprehensive Cybersecurity Audit Plan based on the NIST Cybersecurity Framework and ISACA’s cybersecurity controls. The team first conducted an I&AM audit to identify overlapping controls that would inform the subsequent VPN/Remote Access audit.
The second audit focused on providing the client with enhanced visibility into network operations and access controls related to personal information accessed by employees and third parties. RGP reviewed
over 35 documented policies, processes, and business practices, holding stakeholder meetings with executives, directors, and key users across four major lines of business.
03.
Our Impact
RGP audited identity management, identified control gaps, and recommended corrective actions, preparing two audit reports.
case studies
