Case Study: Automotive Insurance Company strengthens enterprise risk management with Optiv

Specialty Automotive Insurance Company Transforms Their Enterprise Risk Management Program

Automotive Insurance Company, a large specialty insurer, was growing through mergers and acquisitions while lacking a mature enterprise risk management program. Optiv found that security risks were not being quantified or tied to business priorities, and leadership had limited visibility into data-related, IT, and compliance risks across the U.S. and Canada, including privacy, PIPEDA, and PCI requirements.

Optiv implemented its Risk Transformation Service to build a custom, ISO-based IT security risk management program, supported by tailored processes, tools, training, and tabletop exercises. As a result, Automotive Insurance Company raised executive awareness of cyber risk, created repeatable assessments and reporting, identified key ERM focus areas through an ERC tabletop exercise, and transitioned risk management to internal staff.