Information Security Transformation
Case Study

Impact Makers ensured information security program maturity as part of a broader transformation effort.


  • Governance, Risk & Compliance
  • Program and Project Management
  • Management and IT Consulting
  • Process Engineering and Business Analysis


A $3B+ mid-sized health care system with more than 20,000 employees recognized the importance of maturing their information security program after commissioning an independent information security assessment where they were compared against their peers in both the healthcare and commercial space. Upon completion of the assessment, the Board of Directors mandated that the information security program reach a significantly higher maturity level which would then strengthen their reputation, lessen the likelihood and impact of a security breach and establish a strong foundation to build on.


  • Analyzed prioritized and organized proposed projects into a holistic transformation program and identified additional projects and efforts to reduce risk
  • Managed 12+ critical projects as part of transformation

Impact & Results

  • A solid foundation for the information security program including a risk management framework, a security architecture framework and an information security governance structure
  • Policies and standards aligned with widely-accepted security controls frameworks
  • A pilot of a secure texting solution for physicians to help ensure compliance with HIPAA requirements
  • More mature change and asset management processes based on ITIL best practices
  • Detailed processes that improved the overall maturity of the information security program
[WEBINAR] Patagonia Unpacked - “All Profits to Charity” and the Social Enterprise Movement
Wednesday, October 19, 2022 @ 3:00PM EDT
Register Today