Project Profiles
Case Studies are shown from a subset of projects executed by Illumant consultants. We value the confidentiality of our clients and have omitted their names in the case studies. We happily provide references on request.
Documentation and reengineering of revenue management process for an online collaboration company
Our client is a pre-IPO company, with executive management committed to take a proactive approach to SOX. By starting the process early and focusing on the areas of greatest concern to the company, our client's CFO sought to derive the combined benefits of efficiently spreading out the SOX readiness process to minimize costs, reducing the excess burden on internal resources, improving the integrity of financial reporting, and developing more streamlined business processes for improved efficiency and governance. Illumant was tasked with interviewing key management and staff, documenting the revenue management process, identifying risks, engineering controls, performing benchmarks, and providing comprehensive recommendations for improvement. Illumant completed the project on time and within budget, and with very high quality and replicable deliverables that motivated the CFO to engage Illumant to work on other priority in-scope processes.
Comprehensive first-year SOX compliance readiness for an online auction company
Our client, a public company, engaged Illumant to tackle its comprehensive first-year finance and IT SOX readiness initiative. Over the course of eight months, Illumant's consulting team assisted the client with risk assessment, process and controls documentation, gap analysis, testing and re-testing of controls, and auditor interfacing. At the conclusion of the project, the client was given a clean opinion by its auditor, with the auditor singling out Illumant for its contribution. Having seen a number of SOX readiness consultants providing assistance to their clients, the external auditor was very complimentary of Illumant's expertise and quality of service relative to other providers of such service.
IT program design for a biotech company
Our client is a rapidly growing, VC-funded company with a complex IT infrastructure. The VP, IT recognized that with rapid growth comes an increasing need for order and control within the operation via formalized policies and procedures. To take its organization to the next level of operational efficiency, IT management engaged Illumant to design a comprehensive IT program for the client, based on widely recognized best-practice IT frameworks, such as COBIT and ISO17799. Illumant's team interviewed key client stakeholders, reviewed existing documentation, and created a library of policies and procedures for governing the IT organization. At the conclusion of the project, the VP, IT acknowledged Illumant's great contribution toward meeting company objectives, while being a pleasure to work with.
M&A network assessment, re-architecture, and implementation roadmap for an audio products company
Following our client's merger with a company with operations in Europe and Asia, we performed a comprehensive assessment of the combined infrastructure, including networks, applications, and telephony. Our team evaluated the strengths and shortcomings of the current environment and provided an architecture and roadmap for building a more robust, efficient, and secure network and communication infrastructure to enable reliable information sharing, collaboration, and global data consolidation.
SAS70 Type II services for a leading online collaboration services company
We collaborated with a CPA firm partner to assess the client's readiness for a SAS70 Type II audit. We subsequently helped the client with its final audit preparation by producing extensive documentation, including detailed IT policies and procedures.
Assessment of IT controls over a county tax apportionment system for one of California's largest counties
Our client sought assistance in validating its claims that its tax apportionment system was properly controlled from both design and operating effectiveness standpoints. Working in conjunction with a CPA firm partner, we performed the IT portion of the examination and provided a comprehensive report of gaps and recommendations.
Placement of an IT executive for a leading business intelligence company
Our client had an urgent need for a leader within its IT organization after the unexpected departure of its IT Director. Leveraging our extensive network of IT experts, our deep domain expertise, and our recruiting skills, we provided the client with numerous qualified candidates and assisted them in hiring their top choice.
Policies and procedures documentation for a provider of metropolitan area network solutions
Our client needed numerous IT policies and procedures written to comply with SOX. We performed compliance audit scoping, conducted extensive interviews, and authored and revised numerous IT policies and procedures.
SOX scoping effort for a provider of retail purchasing services
Our client with one of the top 20 visited websites needed to assess the level of effort required for achieving SOX compliance, with particular focus on change control. We performed compliance audit scoping and created a roadmap. Our full project scope report included a high-level gap analysis and a breakdown of detailed resource requirements.
SOX 404 IT internal audit for a public regional commercial bank
Our client required readiness assistance for SOX 404/IT compliance. We provided scoping, gap analysis, and controls testing. We identified numerous gaps and provided remediation strategies to achieve SOX compliance.
SOX external audit for a public regional commercial bank
We collaborated with a CPA firm partner to perform an external audit of IT controls. We tested those SOX IT controls, revised sampling procedures, and provided an Audit Report.
SOX security audit for prominent networking company
Our client needed to have a security assessment performed for SOX compliance. We conducted a blind assessment of Internet visibility and exposure followed by intrusion efforts. We located several security holes and advised our client on resolution.
Policies and procedures documentation for a leading provider of online mortgages
Our client needed to develop and document a GLB-compliant information security program. We performed extensive interviews with management and subject matter experts, and then created a complete program to exceed government GLB requirements.
GLB compliance assessment for a private regional commercial bank
Our client needed a GLB compliance and security assessment to prepare for an OCC audit. We conducted the assessment of technical and organizational security measures, identified numerous risk issues, and created a compliant solution, including training.
GLB compliance assessment for a venture capital firm
Our client required a GLB compliance and security assessment to prepare for an audit. We conducted the assessment of technical and organizational security measures, identified multiple security concerns, and assisted in resolving crucial compliance issues.
Product development consultation for a leader in electronic document solutions
We utilized our SOX compliance subject matter expertise to help define a new strategic direction for product development. Our understanding of compliance nuances and their impact on business and IT contributed to product development and marketing.
Perimeter security assessment for a provider of commercial laser products
The incoming CIO required an assessment of the company's baseline security posture. We conducted a blind assessment of Internet visibility and exposure followed by intrusion efforts, identifying several large security holes and assisting our client in problem resolution.
Perimeter security assessment for a leading global provider of networking and security products
Our client had recently acquired a prominent network security company and needed to assess the company's Internet-facing security. We conducted a blind assessment of Internet visibility and exposure followed by intrusion efforts, identified numerous vulnerabilities, and established a baseline for future audits.
Perimeter security assessment for a provider of outsourced sales and marketing services
Our client had not conducted a security assessment for several years. We performed a suite of specialized perimeter assessments to provide a critical independent update and to establish a baseline for future audits. The report also satisfied our client's requirement to have a current security assessment to be used for marketing purposes with their major enterprise customers.
Perimeter security assessment for a worldwide leader in plastics and adhesives
The incoming CIO of our client required an assessment of the baseline security posture, the company not having conducted a recent perimeter assessment. We conducted a blind audit of Internet visibility and exposure followed by intrusion efforts. We located and assisted in resolving several security holes.
Comprehensive security assessment for a leading apparel manufacturer
Our client needed a comprehensive security audit, including a focused assessment of the high-volume online store. We conducted an assessment of internal and external technical security measures, identified multiple security issues, and assisted our client in resolving them.
Comprehensive security assessment for a biopharmaceutical research firm
Our client needed a comprehensive security assessment to meet regulatory guidelines. We conducted the assessment of technical and organizational security measures, identified multiple security issues, and assisted our client in resolving the problems.
Comprehensive security assessment for a provider of biotechnology research and products
Our client needed a comprehensive security assessment before product roll-out. We conducted an assessment of technical and organizational security measures. We identified database security issues and assisted our client in resolving those critical vulnerabilities that needed immediate attention.
|
