SUMMARY

Whenever a company grows beyond a certain size, we must be able to provide auditing for IT processes and follow specific compliance guidelines in everything we undertake. Thus, we have been working on creating or modifying IT processes to fit the requirements.

KEY ACTIONS

- Created a configuration for auditing internal IT infrastructure so it can be easily reused in later audits.

- We have built a workflow that provides access to 3rd party vendors to the company environment in a secure, audited, and recorded manner.

- A guest account management flow was created for requesting and reviewing access for 3rd party users.

- We have created a Public Key Infrastructure to allow for certificate issuance for all IT critical services.

- Backups have been implemented for all critical services and a workflow for monitoring and solving issues related to them has been put in place.

- Created a secure method of managing the COVID devices and application used to scan QR codes in offices.