Skip Ribbon Commands
Skip to main content
< BACK

Novo Nordisk IT Security Risk Assessments

RISKY BUSINESS

Novo Nordisk faces numerous attack attempts on its IT systems daily. The threats and attack methods vary in magnitude, severity and frequency, and could have severe reputational and financial impacts on Novo Nordisk’s business.

Novo Nordisk is responding to this challenge by launching a new IT Security Instruction to replace the current MSR (Minimum Security Requirements) and IT Security Procedure. The instruction mandates a new IT Security Risk Assessment and Security Plan to be executed when new IT systems are implemented or existing IT systems are modified.

NNIT can help Novo Nordisk to perform the IT Security Risk Assessments, and then to plan and implement security controls to mitigate the identified risks.

YOUR APPROACH IS OUR APPROACH

We follow Novo Nordisk’s approach for managing IT security. By executing the following activities we help you to understand your risks and how to mitigate them:

  • Risk Assessment: Identifying IT security risks related to the IT system, and assess their impact on business processes and the likelihood of occurence.

  • IT Security Controls: Determining which IT security controls should be implemented based on the results of the risk assessment.

  • Implement and Maintain: Implementing the IT security controls, and then reviewing and following up on IT security risks and IT security controls on a regular basis.

TRACK RECORD

We have many years of experience in assisting Novo Nordisk and other pharmaceutical organizations with IT security activities, including the following examples:

  • Information Security Assessments: Assessing the information security maturity of organizations, covering people, processes and technology aspects, and providing a roadmap to close gaps.

  • Business Impact Assessments (BIAs): Assessing the confidentiality, integrity and availability aspects of information contained in new or updated systems to determine the overall risk and as a basis for implementation of security controls.

  • Regulatory Assessments: Information security assessments to identify regulatory compliance issues regarding data confidentiality, integrity and availability. Regulations include FDA Part 11 and EU General Data Protection Regulation.​

 

Please contact us at itmanagement@nnit.com for further information.

 

 

John Clayton+4530794043jnac@nnit.com ​​IT Management Consultant and Cybersecurity Specialisthttps://dk.linkedin.com/in/johnclaytondkJohn Clayton

 

 

How scammers attack your company using CEO fraudhttps://www.nnit.com/cybersecurity/Pages/How-scammers-attack-your-company-using-CEO-fraud.aspxHow scammers attack your company using CEO fraud
EU MDRhttps://www.nnit.com/Life-Sciences/Regulatory-Affairs/Pages/EU-MDR.aspxEU MDR
CVIhttps://www.nnit.com/about-us/Pages/CVI.aspxCVI
Organizationhttps://www.nnit.com/about-us/Pages/Organization.aspxOrganization
Historyhttps://www.nnit.com/about-us/Pages/history.aspxHistory
Regulatory Information Management System (RIMS): Keep your product data in controlhttps://www.nnit.com/Life-Sciences/Regulatory-Affairs/Pages/RIMS.aspxRegulatory Information Management System (RIMS): Keep your product data in control
TopBannerRight_UK_CEWPhttps://www.nnit.com/SiteCollectionDocuments/TopBannerRight_UK_CEWP.htmlTopBannerRight_UK_CEWP
Digital transformation: Launch your business into the cloud and bring your data into play https://www.nnit.com/OfferingsAndArticles/Pages/Digital-transformation-Launch-your-business.aspxDigital transformation: Launch your business into the cloud and bring your data into play
TopBannerLeft_UK_CEWPhttps://www.nnit.com/SiteCollectionDocuments/TopBannerLeft_UK_CEWP.htmlTopBannerLeft_UK_CEWP
Bang & Olufsen moving into the cloud: A natural step on the digital transformation journeyhttps://www.nnit.com/OfferingsAndArticles/Pages/BO-moving-into-the-cloud-A-natural-step-on-the-digital-transformation-journey.aspxBang & Olufsen moving into the cloud: A natural step on the digital transformation journey