Volksbank Wien AG has selected the integrated software platform risk2value (now BIC GRC Solutions) from avedos (nor GBTEC) to manage information security processes throughout the Austrian Association of Cooperative Banks as well as its main IT service providers. The system is planned to go live following a brief implementation period.
Volksbank Wien AG selected risk2value from avedos due to its fast deployment based on pre-built ISMS content and vast flexibility. The organization can integrate its own requirement and control catalogs, customize metrics, meet special security and transparency requirements for the financial services sector, and extend the system as needed to address other aspects of ISMS. In the future, risk2value will help the organization implement fast, efficient control assessment processes, establish a workflow-driven process for managing measures as well as simplify onboarding for operational risk owners in associated banks and IT outsourcing partners.
“The banking business is a matter of trust,” explains Christoph Zajic, Chief Security Officer at Volksbank, “and the trust that our clients place in the Volksbank brand obliges us to handle the issue of security with a great deal of care and responsibility. Professionally managing information security risks, therefore, has utmost priority for the Austrian Association of Cooperative Banks.”
“Although information security is not only limited to IT systems and services, we have seen that regulators and institutions are focusing more and more on these areas due the growing digitalization of business models, especially in financial services,” comments Hannes Wambach, CSO of avedos.
“In order to create a true end-to-end view, banks must integrate IT service providers as part of their risk management processes,” adds Samuel Brandstätter, CEO of avedos. “This is where the strengths of risk2value really shine through. Since it is a Web application, organizations can easily integrate external service providers that access the tool from various locations. Since it is also a flexible GRC solution, they can also modify the security requirements and metrics in the ISMS to the individual requirements of different service providers. Best of all, organizations can generate a central view of risks and implement a common measure management process. We are very honored to support Volksbank Wien AG and the Austrian Association of Volksbanks, as one of the nation’s most well-known institutions, in deploying a futureproof ISMS solution based on risk2value.”