Kraft Foods has won the U.S. Information Integrity Coalition's prestigious 2009 Silver Award for excellence in information integrity (EIIA) using Citicus ONE risk and compliance management software.  The award recognises the efficient, consistent and reliable way that Kraft Foods manages the risk posed by thousands of IT systems, sites and suppliers.  The software equips Kraft Foods to manage its information security, risk and compliance obligations from any of its global locations and business-oriented results can be produced for decision-makers within hours. 

Jim Pesce, Manager in Kraft Foods’ Internal Controls group, explains their initial risk management challenge:

“Investors, regulators, business partners and consumers expect us to manage risk well.  Our goal was to create a common approach to address risk / compliance of our information systems and create a systematic method of measuring information risk.  By disclosing dependencies and relationships between business processes, information systems and third party partners, we could obtain a broader view of this risk and simplify data collection and reporting.”

Kraft Foods chose Citicus ONE software to help manage one of its key areas of risk, reduce the likelihood and impact of incidents and provide management with an informed view of information systems risk across their organization.  A representative from the core global team and regional coordinators work with business leads who are most dependent on specific systems, sites, processes or suppliers - coupled with specialists from Kraft Foods' information systems, security and controls group. 

Business leads at Kraft Foods use Citicus ONE’s succinct criticality assessments, risk scorecards and incident assessments - supported by harm reference tables and detailed checklists customized by Kraft Foods - to help measure information systems risk and compliance in objective business terms.  The software generates highly visual, impactful results including risk and compliance status reports, heat maps, dependency maps, risk dashboards, league tables and incident statistics. 

Using Citicus ONE, the time taken to do deep dive assessments has been significantly reduced and the high quality results mean that Kraft Foods can focus resources on high risk areas and meet risk and compliance requirements.  Jim Pesce adds:

“Further strengthening our risk management program is a high priority at Kraft Foods.  We needed a simple but effective risk assessment tool that could address our current business challenges and adapt well to future changes.  Citicus ONE is very easy to use, and delivers an excellent range of reporting and users get immediate access to results."

Marco Kapp, director of Citicus Limited comments on Kraft Foods' success:

“We are delighted that our Citicus ONE software and underlying risk management methodology has helped Jim Pesce and his colleagues to create a world-class information systems risk and compliance management program and to see Kraft Foods' achievements rewarded by the Excellence in Information Integrity Coalition's 2009 Sliver award.”

Simon Oxley, managing director at Citicus Limited adds:

“Managing risk well across a large organization is challenging and requires innovative, forceful and collaborative program management, as well as good tools.  Kraft Foods' risk and compliance team have done a great job in meeting this challenge and we are proud to be working with them and similar organizations around the world to build robust, efficient risk and compliance programs that decision-makers can rely on.”