One of the first IPO fund companies with a banking background in China. Its business scope includes fund raising, fund sales, asset management and other businesses permitted by the China Securities Regulatory Commission. It manages nearly 60 mutual fund products in total, has developed 12 dedicated account product solutions in 4 major categories, and has also provided investment advisory services for several products. Its asset management scale exceeds 100 billion yuan.
Project Background
The client faces the following challenges in IT compliance management and CMDB construction:
Decentralized compliance management: Lack of a unified compliance management platform makes it difficult to meet the increasingly stringent regulatory requirements of headquarters and the fund industry. Low compliance audit efficiency: The compliance audit process relies on manual operations, making it difficult to meet the needs of high-frequency regulatory inspections. Incomplete Asset Information Management: CMDB configuration items are incomplete and do not accurately reflect the relationship between IT infrastructure and business systems. Difficult asset change management: There is no effective mechanism for tracking asset changes, making it difficult to ensure the timeliness and accuracy of CMDB data.
Project Solution
- Compliance system document system modeling: Establish a multi-dimensional compliance system document model to achieve version management, association management, and lifecycle management of system documents, and ensure that system documents are synchronized with regulatory requirements in real time.
- Automatic compliance audits: Build an automated compliance audit platform to automatically assign audit tasks, automatically collect audit data, and automatically generate audit reports, increasing audit efficiency by more than 50%.
- Automatic infrastructure discovery: Through automated tools, achieve automatic discovery and configuration information collection of infrastructure resources such as servers, network devices, and storage devices, and create a complete resource topology relationship map.
- Full lifecycle management of assets:
- Automatic synchronization as assets come online: Achieve automatic synchronization of new assets with the monitoring system and the Bastion host system as they come online to ensure consistency of asset information.
- Automatically synchronize when assets go offline: Establish an offline asset approval process. When assets go offline, they are automatically removed from the monitoring system and the Bastion host system to reduce security risks.
- Bastion Host Access Management: Establish a unified access control system for the Bastion host to achieve centralized management and auditing of host access.
- Firewall policy management: Achieve centralized management of firewall policies, identify invalid policies, and automatically notify administrators.
- IP address and capacity management:
- Create an IP address resource pool to automate the allocation and recycling of IP addresses.
- Implement real-time monitoring of IP address usage to prevent IP address conflicts and misuse.