Security audit for BNP Paribas Faktoring

Challenge
BNP Paribas Faktoring is the leader of the Polish factoring market, offering a wide range of factoring services tailored to the needs of small, medium and large companies. In Poland, it supports businesses in improving financial liquidity and competitiveness and in managing contractors’ insolvency risk. BNP Paribas Faktoring emphasises information security and compliance with the highest industry standards. It therefore needed a comprehensive security audit of the Supplier of one of the critical systems, and commissioned our company to carry out this analysis.
Solution
The audit process covered the following areas:
- Personal interviews
We obtained detailed information directly from the people responsible for individual areas of activity. Exorigo-Upos auditors asked questions about both technical and organisational aspects of information security. This allowed us to understand the context in which individual systems and procedures operate and gave us a thorough picture of existing practices and potential vulnerabilities.
- On-site inspection
We visited various locations to directly assess whether the declared state matched the actual state. We inspected physical security measures such as locks, alarm systems, video surveillance, access control, and other security mechanisms. We also checked whether organisational procedures such as access policies, key management, and emergency procedures are followed and effectively implemented. On-site inspections made it possible to verify physical and organisational security measures in individual locations.
- Analysis of information systems
We conducted a detailed analysis of the IT infrastructure to assess its compliance with applicable laws and industry guidelines. We also conducted various tests and studies to evaluate the effectiveness and adequacy of the security measures, including access management, data encryption, malware protection, and security incident monitoring and response. The analysis of IT systems was a key element of the audit process.
- Document analysis
The auditors analysed the organisational documentation, including security policies, operating procedures, technical documentation, and other relevant documents. The analysis allowed us to assess the organisation’s compliance with internal requirements and market standards.
"Thanks to the audit carried out by Exorigo-Upos S.A., we obtained a full picture of the security situation related to the development, maintenance and hosting of one of the key systems. Exorigo-Upos auditors demonstrated high professionalism and reliability, documenting their findings in a detailed report, which included both positive aspects and areas for improvement," says Marcin Szindler, CIO, BNP Paribas Faktoring.
Summary
The audit enabled BNP Paribas Faktoring to accurately identify the risks on the part of the Supplier of the key system. Implementing the recommendations contained in the audit report contributed to a significant increase in the level of security of IT systems and compliance with market standards. The audit process was comprehensive and detailed, covering all key aspects of information security.