An energy sector client needed transparent communication for their new information security strategy. They faced challenges with manual reporting and dispersed ownership of key security indicators. They required transparent communication of progress and a reduction in FTE overhead needed for reporting.

We defined three layers of reporting and created an automated setup. We built a strong data foundation by developing a "Metric Catalogue" and setting up a central data repository and BI platform for automatic reporting. We oversaw the development of automatic integrations, data validation, and BI report creation. Finally, we documented processes and defined roles and responsibilities.

The client benefited from streamlined, automated reporting with reduced overhead, stronger tracking and visibility of their security posture, and improved transparency and cohesion across the InfoSec department.