Challenge
Our client, a mining organisation, needed help to rectify outstanding audit items and implement and operate a cybersecurity framework with very limited resources and skills across multiple international mining locations. Given they only have a small IT team, a standard implementation of a security framework was not an option, as it would have put a significant strain on their team’s resources. So, they looked for a partner to assist.
Solution
Green Light provided the capacity this client required to complete this task across 5 international locations. We performed a NIST Cybersecurity Framework assessment and audit reviews to produce a program of works.
Green Light was then tasked with implementing a customised NIST Cybersecurity Framework across the company over a 6 month period. Then halfway through the implementation, V2.0 was released, and we were also tasked with updating it.
To address audit remediations, an internal audit and risk treatment plan was established and sought to a majority conclusion. The engagement concurred with our client’s external financial technical controls audit, and the Green Light resources represented and coordinated the audit responses.
Based on the implementation, our client was able to operate the new processes in a self-sustaining manner.


