PFRO, or PFR Operacje Sp. z o.o., was established in October 2020 as part of the Polish Development Fund Group. Its main tasks are to raise the maturity level in IT and security areas, optimize procurement for these areas, and increase the transparency of the responsibility structure for the maintenance and development of applications and IT systems. The company focuses on IT services and cybersecurity, supporting other units within the group.
What didi the client expect?
The Polish Development Fund (PFR) was looking for a partner to help achieve its goals related to enhancing cybersecurity and data protection within the PFR Group. The task was to be carried out in accordance with the adopted strategy, which aimed to increase the transparency of the responsibility structure for the development and maintenance of applications and IT systems. PBSG was chosen for the project due to our attractive offer and extensive experience in the area of Information Security Management Systems (ISMS) and Business Continuity Management (BCM).
What did we do?
WE IDENTIFIED RESOURCES
Firstly, we focused on inventorying the documentation and assessing the business continuity plans across all subsidiaries of the PFR Capital Group. This allowed us to proceed with the BIA analysis, which resulted in the development of regulations and the overall concept of IT security principles within the PFR Capital Group.
WE CONDUCTED A BIA ANALYSIS
In the next step, we proceeded with the BIA analysis within the subsidiaries of the PFR Capital Group. It was crucial to develop the methodology and coordinate the efforts related to preparing new and updating existing action plans in the business areas of each company.
WE DEVELOPED ACTION PLANS
The outcome of step 2 was the development of business continuity plans for critical services within the PFR Capital Group and the establishment of consistent, final principles for information security across the entire PFR Group. Equally important was the classification of information.
WE CONDUCTED TESTS
In the final step, we conducted business continuity tests for PFRO services for the PFR Group companies, as well as for the existing business continuity plans across all companies. We summarized the entire work in a final report, including conclusions and recommendations.
What were the results?
The project involved optimizing the management of business continuity to enhance the level of cybersecurity and data security within the PFR Capital Group. We conducted the necessary analyses and tests while adhering to security principles, which verified the current state of the IT area and the organization’s preparedness for crisis situations. Through our collaboration, PFR refined, improved, and updated its business continuity plans.
Additionally, when analyzing BIA, we utilize standards such as BS 25999 and ISO 22301, research from the Disaster Recovery Institute (DRI), and our own best practices. This provided PFR with access to the best solutions used by organizations worldwide.
What did the client gain?
Raising the level of cybersecurity and data security.
Refined and updated action plans.
Improvement of the general principles of information security.
Increased awareness and knowledge of employees regarding IT security.
