IT Infrastructure Qualification and regulatory support for IT activities processes
RFI/RFP formalization Processes design and detailed user requirement specifications for Regulatory Affairs activities
Computerized Systems GxP Compliance Training & personalized support in the development of associated skills
Information Security Management System Rollout (ISMS)
ISO 27001 certification preparation (France and Italy)
Documentation writing, SOP, work instruction, monitoring, operational checks • IT asset lifecycle and inventory • computer room and physical security • patch management • access management
Modelization of work processes / workflow diagrams
Workshops facilitation with the IT, HR and legal teams
Conducting Interviews of IT Leaders, situation analysis, picture overview
Supplier security assessement --- Governance --- • process modelization (diagram flow + related activities description) • methodology for assessment - simple & flexible • periodic review strategy --- Operational Activity --- • carrying out supplier evaluations • use of the secure score card platform, CSA reports • exchanges, interviews with suppliers • drafting of the evaluation guide based on questionnaire • drafting of the evaluation report, conclusion and internal recommendation of reliability of the supplier =tool=Excel, Score Card, Confluence
Remediation plan • prioritization • affectation • follow-up =tool= Jira
ITS Lifecycle Audit including IT infrastructure and security based on GxP regulations and cybersecurity referential (preparation, conduct and reporting)