Home » Resources » Resolving Audit Failures: Strengthening Data Access Controls
Resolving Audit Failures: Strengthening Data Access Controls
In one of the largest investment banks in the world, a high visibility audit revealed inappropriate access to project and application shares. Board-level stakeholders were made aware of the failed audit and the severity of the findings required immediate remediation of the access control issues.
The Challenge:
A global investment bank failed a high-visibility audit when inappropriate access was discovered across project and application shares. Internal tools proved ineffective, covering only a fraction of the data estate and leaving major blind spots. Key challenges included:
-
Incomplete and inaccurate data collection: With both legacy and modern storage systems in play, the bank struggled to gather consistent and accurate information.
-
Complex and varied use cases: Permissions were inconsistent across parent and child folders, open access was buried deep within directory structures, and stale data persisted across shares.
-
Lack of clear ownership: Conflicting or missing ownership records made it nearly impossible to assign accountability to specific business areas.
-
Challenging owner outreach: Sensitive areas of the bank, including investment banking and HR, required careful communication strategies, while other departments needed faster, more aggressive campaigns.
-
Delayed remediation and compliance risks: Manual processes introduced bottlenecks, often causing delays between ownership validation and permission changes.
