A small UK-wide bank approached us seeking assistance with their datacenter migration from in-house infrastructure to a managed service. Aware of our expertise in datacenter moves and risk management, they engaged our services to address the business and project risks associated with the transition.
With a tight six-month timeframe and close scrutiny from regulators, we took the following steps to ensure a smooth and risk-mitigated migration:
- Risk Review and Consolidation: We meticulously reviewed and challenged the extensive list of over 500 risks on the project’s RAID (Risks, Assumptions, Issues, Dependencies) log.
- By distilling them down to 12 key business risks, we were able to provide a clear and risk focused approach.
- Business Process Impact Assessment: Recognizing the importance of identifying risks directly impacting critical business processes, we collaborated with different business areas to ensure they had contingency plans and manual processes in place, mitigating potential disruptions during the datacenter move.
- Scope Definition: Working closely with the bank, we helped define the specific areas of the business that should be included within the project scope. This ensured that all relevant aspects were considered and accounted for in the risk management strategy.
- Assurance and Verification: We performed meticulous check and challenge exercises on the work conducted by the bank’s first-line technology risk function. This enabled us to provide an objective evaluation of the risks and controls in place, ensuring robust risk management practices throughout the migration.
- Application and Supplier Assessments: In a span of three months, we conducted comprehensive reviews of the bank’s core applications (approximately 74 applications). These assessments included evaluating customer data protection measures and assessing the current and proposed levels of security.
- Additionally, we assessed third-party supplier risk and evaluated the effectiveness of the existing High Availability solution.
By leveraging our expertise and building strong relationships with various functions within the bank and key stakeholders, we successfully achieved the following outcomes during our engagement:
- Assured the bank’s Board that all necessary considerations had been made for the safe transfer of the datacenters and that the business had manual processes in place should there be a failure in the event of critical component failures.
- Identified and rectified the exclusion of Treasury interfaces from testing, a failure of these interfaces would have led to the bank not knowing its liquidity positions.
- Discovered that the mainframes were not providing a fault-tolerant solution as assumed, but rather a high availability solution. This insight prompted the necessary adjustments to the migration plan, avoiding potential vulnerabilities.
Our meticulous assessment and assurance work played a vital role in facilitating a successful datacenter migration. By addressing risks comprehensively and verifying critical assumptions, we provided the bank with the confidence and assurance needed for a smooth transition while mitigating potential disruptions and ensuring the safety of their data and operations.
If you are planning a datacenter migration or require risk management support for your business, we are here to help. Our team of experts can provide tailored solutions to address your specific needs and ensure a smooth and secure transition. Contact us today to discuss your requirements and explore how our risk management services can benefit your organisation.
