IT Risk Management & Security

Cybersecurity Heroes

IT Risk Management and Security has a vital role in ensuring compliance and enhancing the security of information and systems, as well as improving regulatory readiness across IT. We are committed to protecting MSD’s intellectual property in a complex and global marketplace and providing our workforce with the knowledge to guard against cyber and physical intrusions that could compromise our health care objectives.

Our Responsibilities:

Cyber Fusion Center

The Cyber Fusion Center (CFC) is a multi-disciplined approach that integrates cyber threat intelligence with security and technology operations and response. This integration drives the proactive, defensive actions that protect critical technology and data assets.

Data and System Protection

  • Information Risk Management (IRM) policy design, development, implementation, and governance
  • IRM policy consultancy services
  • Monitoring laws, regulations, standards, and emerging risks
  • Audit Support for Data Sciences

Governance, Risk, Compliance

  • Managing the company’s Software Development Life Cycle
  • Assisting entire company with risk management and inspection readiness
  • Ensuring the quality, validation, and compliance of systems and processes
  • Performing compliance impact reviews (CIRs)
  • Archer team capability
  • Privacy stewardship
  • Risk treatment

Identity and Access Management (IAM)

IAM is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons.

  • Protects and manages digital identity lifecycle for employees and external collaborators
  • Manages authentication services
  • Protects privileged accounts

Security Analytics

The goal of security analytics is to turn raw data from distinct sources into actionable insights to identify security events that require an immediate response through the correlation of activities, reports, dashboards and alerts.