Company Statement
The AXA Group, world leader in Financial Protection, supports and advises its individual and corporate customers at every life stage, providing them with the products and services that meet their insurance, personal protection, savings and wealth management needs.
Our areas of expertise are reflected in a range of products and services adapted to the needs of each client in three major business lines: property-casualty insurance, life & savings, and asset management.
Present in 59 countries, the 161,000 employees and distributors of AXA are committed to serving 103 million clients. AXA chose to gather its central functions within an economic interest grouping (GIE).
The GIE AXA main missions are to :
The AXA Group’s head office, based in the 8th arrondissement in Paris, accounts for around 804 employees. With 39 nationalities among its staff, a distinguishing trait of the head office is its strong international atmosphere.
Information Risk Management
In the context of growing cybersecurity threats and global information risks, regulators require AXA to have a solid second line of defense to ensure that overall risks are adequately managed and that risk appetite is mastered in that respect.
Although protection of information is a shared responsibility of all AXA entities, including all AXA employees, agents, and advisors, GRM has set up a specific department to guide and control AXA in this effort: Group Information Risk Management (GIRM) is responsible for leading the enterprise's approach to managing existing and emerging risks associated with the stewardship of AXA information.
The Information Risk Challenge & Advisory team performs challenge and / or advisory (aka 'second opinion') reviews on Information risks and vendor risks, independently conducting studies and following up on the remediation actions.
In that context, the CHALLENGE & ADVISORY EXPERT oversees a portfolio of second opinion reviews on Information risks, independently conducting studies and following up on the remediation actions. He / she issues recommendations (if findings are below the risk appetite of the concerned entity) and / or requirements (mandatory implementation by the CxO, should the risk appetite be exceeded).
He / she challenges and verifies Information cases designed and operated by the 1st line of defense, both at Group level and in specific entities as per plan, and oversees their effective remediation to reduce the residual risk exposure.
Bringing strong expertise in IT and / or project management, as well as a risk management perspective, he / she provides highly appreciated advice and reports about information use cases to executive committees and senior business decision-makers.
With his / her findings being reported by a separate unit of GIRM (Framework & Report), he / she acts as a real team player and a role model for AXA values: courage and ONE AXA.
Main activities:
and Present the outcome of the reviews to senior management. Follow-up of the remediation actions for the concerns raised in the second opinions (recommendations and / or requirements) :
processes and to animate the Information Risk Management Community :