Our part-time IT director was responsible for enhancing operations through IT strategy and security for this charity.
Company Profile
This charity, based in Liverpool, provides crucial residential care and education for people of all ages, focusing on community support and welfare.
CEO’s Mission
In the wake of a severe cyber incident that caused significant data loss and downtime, the CEO aimed to assure trustees of robust measures to prevent future occurrences. The solution involved recruiting an experienced CIO to establish effective governance of information systems, aligning the internal IT team with the charity’s strategic goals.
CIO’s Objectives
- Formulating an IT strategy in harmony with the charity’s five-year plan.
- Developing the IT team into a capable and efficient department.
- Managing IT compliance and standards to ensure robust operations.
- Transforming the IT team into a leading unit within the organization.
- Overseeing information security to safeguard sensitive data.
What the CIO Did
Developed an IT Strategy
The CIO collaborated with the existing IT management to devise a strategy that complemented the charity’s overarching five-year goals. By integrating the IT staff in this process, the CIO highlighted IT’s role not just as a functional enabler but as a differentiator in service excellence. This initiative fostered a new IT culture focused more on organisational impact than on mere technical issues.
Security and Governance
The Director implemented a set of security standards and controls approved by the board. This included a new device management system for managing endpoints. This system improved reporting and compliance. By integrating with the ticketing system to allow IT staff to swiftly address non-conformities and maintain near-continuous compliance.
Service Delivery
The Director pursued a cloud-first IT strategy and security approach. They did so by reviewing all software used across the charity and establishing a new approval structure to meet security requirements. Recognising the lack of a system to record IT incidents and requests, a ticketing system was introduced to track work and monitor key performance indicators (KPIs), enhancing service delivery standards.