We’ve recently created a new section on our website for case studies. Our customers were telling us that they wanted to hear more about what we’re doing and how we help different organisations. Of course, due to the nature of our work, a lot of this information is confidential and protecting this is always our top priority. However, we are able to share some information and have developed the first of what we believe will be many case studies in collaboration with our client and partners. Our first one showcases how Axenic worked with Not For Profit organisation the Human Rights Measurement Initiative.
Until recently the world hasn’t had a simple, transparent way to monitor how people are treated. This was a problem. When something is not measured, it is easily overlooked and undervalued.
The Human Rights Measurement Initiative (HRMI) is filling this gap and they are working to produce a free easy-to-access database of metrics, summarising human rights performance in countries around the world. With a good set of measures ,it will be easier to improve human rights.
This very significant work has some critical information security requirements and in 2018 The Human Rights Measurement Initiative (HRMI) approached Axenic to help them identify and manage the inherent risks associated with this important project. As part of Axenic’s commitment to supporting impactful citizenship initiatives, we were happy to donate the consulting time to HRMI at no cost.
What was the key challenge for HRMI?
Following on from HRMI’s successful pilot in 13 countries (Angola, Australia, Brazil, Fiji, Kazakhstan, Kyrgyzstan, Liberia, Mexico, Mozambique, Nepal, New Zealand, Saudi Arabia and the UK), HRMI had the confidence to expand their reach to include all 170 countries who have signed/ratified the global human rights treaty. The HRMI team knew that they needed a robust way to manage their security, specifically they needed to find a more efficient and scalable way to collect information, while protecting the respondents’ privacy.
Understanding their risk was key for HRMI
Working closely together Axenic identified the need for the completion of a Risk Assessment specific to the HRMI business requirements. This included the security requirements for the new Customer Relationship Management System HRMI was implementing. The Risk Assessment helped to identify both specific security risks they had not considered and confirm some suspected risks. It also had the benefit of uncovering some new potential risks that had not been considered.
The results of managing HRMI’s risk
Providing a Risk Assessment is just half of the picture, it is what you do with this information that is most important. With the Risk Assessment completed, HRMI then went about using these solutions to help drive updated security policy. Amongst other things, this new found knowledge has helped them to accurately screen third party suppliers, communicate confidently with stakeholders on measures to keep survey respondents safe.
Through Axenic’s work with HRMI, the not-for-profit has developed a good understanding of how information security can help them achieve a great citizenship outcome.
Visit our Case Study page to read and download the full case study here. We’d love to hear your thoughts on this and of course if you have any questions or need assistance with your information security and privacy governance, risk and assurance feel free to get in touch at any time.