Some would say that there is nothing more gratifying than helping people in need. In the case of Shire Pharmaceuticals, helping people with life-altering conditions to lead better lives is core to their business and their culture. Based in Lexington, Massachusetts, Shire focuses on developing treatments for rare diseases, including regenerative medicine. The need to stay on the cutting edge of healthcare is paramount, and information security has played a key role in that mission.
Shire’s Senior Director of Information Risk Management & Security, Bob Litterer, was tasked with developing a world class information security function. Like so many CISOs, Bob knew the importance of information security as a business enabler, but needed to drive awareness and create a security culture that embraced their business. He was also tasked with reducing costs associated with changing compliance requirements, driving up efficiency and managing acceptable risk tolerances so the organization could continue to innovate and stay competitive — quite a tall order when there is so much on the line.
Like any good leader, Bob knew he needed a great team behind him – so he brought in one of our alliance partners OpenSky who helped build a comprehensive Governance, Risk and Compliance (GRC) platform based on RSA Archer.
Shire Pharmaceuticals: OCEG GRC Achievement Award Winning Solution.
OpenSky Professional Services and RSA Archer GRC Platform
As the video explains, Shire was able to quickly spotlight where there was a need for improvement and the areas where they were successfully hitting the mark. The visibility through RSA Archer allows Shire to drill down in each area to determine how they can improve — driving credibility into the management of the program as well as demonstrating its depth. Additionally, Shire is able to continue that assessment regularly to report progress, showcase how the information security organization is aligned with the goals of the business and ensure they are always able to meet changing business needs and compliance requirements.
While this project is impressive in and of itself, I am happy to share that Shire has also earned an important industry accolade. Last week, they were awarded the OCEG GRC Achievement Award at the 2013 Compliance Week Conference which recognizes organizations that make great strides in improving and integrating their approaches to governance, risk management and compliance. Working with OpenSky, Shire leveraged the OCEG Redbook to provide a framework for managing the GRC Program and it has been paying off in spades. Thanks to the dedication of Shire and OpenSky as well as the power of RSA Archer, Shire gets to take home this honor and we couldn’t be happier.
Beyond winning awards, Bob is looking to lead his company into the future of healthcare by building out a world-class information security function that supports the business’s GRC requirements. With all the great work that Shire does, it’s extremely gratifying for us to help them along that journey. Here’s to helping organizations that help people in need every day.