When major retailer was faced with IT performance and compliance issues, they called on the experts in IT consulting at SSI to help them overhaul their processes. This provided increased efficiency and functionality — and alignment with compliance requirements.


The development practices of this major global retailer’s IT department was leading to severe quality issues and dissatisfied internal customers. Despite their ability to deliver quickly, their systems lacked the desired functionality and were prone to error. To add insult to injury, internal and external PCI and JSOX auditors were threatening dramatic consequences for non-compliance.


SSI’s experienced process development and implementation consultant was tasked with solving these interrelated issues. SSI immediately set up an internal governance board and developed a comprehensive governance framework that encompassed all IT functions. This was quickly followed by the development of Request Management and Project Delivery policies – this processes and procedures document was customized for the client, but based on best practices and written to meet regulatory requirements. Training of the team and ongoing coaching sped up the implementation.

While developing the framework artifacts, PCI and JSOX assessments were conducted to determine design and effectiveness gaps. Working closely with internal and external auditors, remediation plans were developed and monitored.  A metrics scorecard was implemented to ensure ongoing performance.

Initial implementation was delivered within two months, and SSI followed up with the development of additional policies, processes, and procedures for the remaining IT functions.


Dramatic results were received in a short time frame, and the benefits continue today. The team has seen a significant increase in internal customer satisfaction, including, but not limited to:

  • Fact-based decision-making upfront as to project selection
  • Better customer expectation setting
  • More accurate estimating
  • Better requirements gathering
  • Less reworking

Also, compliance with PCI and JSOX requirements was achieved in a short timeframe and is maintained using the assessment tool.

The client is highly satisfied with the work provided by SSI and has continued to engage consultants to remediate other issues.