How LinkedIn Elevated Its Risk and Compliance Platform To Improve Stakeholder Experience And Enable Next Generation Integrated Risk Management

Introduction

LinkedIn faced challenges with their legacy risk management tools and processes, including a lack of centralized source of truth and scalability issues. They embarked on a journey to find a solution that would address these challenges.

Proof of Concept and Implementation

LinkedIn conducted a proof of concept for various security risk management platforms to find the most suitable solution. They enlisted an implementation partner to expedite the onboarding process and guide them with best practices.

Onboarding Processes

The team began onboarding audit and third-party risk assessment processes, as well as policy hierarchy artifacts, into the new risk management platform. This allowed stakeholders, including employees and external suppliers, to effectively communicate and inquire about risk assessments and responsibilities.

Enhancing Stakeholder Insights

By associating control objectives with risk statements pertaining to LinkedIn's information security, the team was able to integrate insights from business continuity and risk management into their dashboards and reports. This provided valuable and efficient insights on risk observation throughout the IT environment.

Focus on Risk Management

With the improved risk management platform, LinkedIn was able to focus more time on managing risk rather than just measuring it. They worked directly with management to advise on aggregated top risks and recommended prioritization with mitigations.

Key Learnings

LinkedIn found that prioritizing the optimization of the data layer is crucial for building effective risk management solutions. They also emphasized the importance of sharing feature design approaches with other teams for automation and impactful results. Automating common test cases streamlined the process, allowing more time for testing sensitive workflows.