Infosys Positioned as a Leader in the Avasant Risk and Compliance Services 2022 RadarView
Avasant, a leading management consulting firm has positioned Infosys as a Leader in the Avasant Risk and Compliance Services 2022 RadarView. Avasant evaluated 28 providers using a rigorous methodology across three key dimensions: practice maturity, partner ecosystem, and investments and innovations.
In the report, Avasant acknowledges Infosys’ risk and compliance services and the series of initiatives taken with its partner ecosystem to augment its solution and platform capabilities focused on enterprise-wide GRC needs.
Infosys offers a comprehensive suite of risk and compliance services including regulatory compliance management for achieving CMMC compliance and vendor risk management in partnership with OneTrust, MetricStream, ServiceNow, and RSA Archer. It continues to augment its Infosys Enterprise Data Privacy Suite (iEDPS) capabilities to support global privacy regulatory compliance mandates such as GDPR and CCPA.
The Avasant study highlighted the following as Infosys’ key strengths:
- Infosys leverages its internally developed framework, Infosys TechCompass, and ongoing trends to identify gaps in its capabilities, creating service offerings, platforms, and solutions. In the last 12 months, it enhanced its capabilities and built new offerings.
- It developed four types of service offerings: Quantitative Cyber Risk Management, which considers real-time quantification and embeds GRC in its overall enterprise architecture, cyber security architecture consulting based on its internal framework Cyber Compass, regulatory compliance management for achieving CMMC compliance, and Vendor Risk Management in partnership with OneTrust, MetricStream, ServiceNow, and Archer.
- Its Cyber Gaze platform (security metrics management system) provides data from different perspectives thus enabling collaboration between the cybersecurity, application, IT operations, and risk and compliance teams to examine and act on the security metrics. It continues to augment its Infosys Enterprise Data Privacy Suite (iEDPS) capabilities to support global privacy regulatory compliance mandates such as GDPR and CCPA.
- In 2022, it launched its Cyber Aware platform to increase its clients' employees' cyber awareness by providing security training in an e-learning format.
Practice maturity
Partner ecosystem
- Infosys partners with numerous technology providers in the GRC automation space. In January 2021, it aligned with SAFE Security to provide a solution, Quantitative Cyber Risk Management, which helps firms predict breaches in their systems and determine potential impact across their organizations.
- It has ongoing GRC-specific go-to-market initiatives with IBM OpenPages, Archer, MetricStream, and ServiceNow.
- It partners with RSA Archer to provide various offerings such as Business Resilience, Vendor Risk Management, Compliance Reporting, Audit Management, Issue Management, and Risk Management. Infosys also partners with SAP to provide GRC-specific services in access control, process control, and fraud management.
Investments and innovation
- Infosys invested to develop artificial intelligence/machine learning models, working with three customers to reduce the efforts of risk analysts. It expects the models to be in market by 2023.
- It created CoEs for different partner solutions with RSA Archer, ServiceNow, and MetricStream, using its internally set up labs and access to partner-provided labs. All competencies from client projects are fed back into these labs or CoEs as part of its continuous improvement plan.
- It is continuously focusing on developing its digital talent through internal training, external boot camps, partner-led programs, and certifications. It partners with leading universities such as Purdue University and NIIT to upskill and reskill employees.
Click here to access the report.