CA-GIP · Crédit Agricole · Finance

How CA-GIP structured third-party risk management with Make IT Safe

Context

CA-GIP (Crédit Agricole Group Infrastructure Platform) handles 80% of the Crédit Agricole group’s IT production and technology infrastructure. With 2,000 staff spread across 8 sites in France, the platform hosts applications that serve 7 million unique visitors every day. The CISO team at CA-GIP needed to structure and secure how security is embedded at each stage of the supplier relationship: upstream during selection, during contracting with the roll-out of supplier security assurance plans (SSAs), and after contract through audit campaigns.

A platform chosen for flexibility and simplicity

Make IT Safe was selected for its ability to cover the entire supplier lifecycle in a single platform. The CISO team now relies on the tool to qualify services upstream, to evaluate supplier cyber maturity against adapted frameworks, and to run post-contract audits.

Results

The results achieved

Structured process

Supplier assessments now follow a formal framework covering all three phases of the contractual relationship.

Better traceability

All information is archived in Make IT Safe, with fast access to the history.

Tailored assessments

Each service is qualified based on its impact, making SSAs proportionate to the most strategic suppliers.

“Make IT Safe gave us a structuring yet flexible framework that covers our entire supplier cycle, from qualification all the way to audit.”

CA-GIP CISO team

Crédit Agricole Group Infrastructure Platform

About

Since 2019, CA-GIP has been handling nearly 80% of the Crédit Agricole group’s IT production. With 2,000 employees across 8 French sites, CA-GIP hosts applications that serve 7 million unique visitors a day.

80% of group IT production2,000 employees8 French sites7M unique visitors/day

Want to get started — or just learn more?

Our team is here to guide you.

Request a demo Get in touch