SecureAware Building an Information Security Management System

SecureAware

Building an Information Security Management System

Challenges
Complying with multiple regulations, requirements and best practices
Documenting compliance and security activities
Creating, managing and disseminating effective policies
Tracking policy knowledge, understanding and awareness

Trends
Complex Global Regulations
Legal liability risks
Supply chain and B2B trust
Maturing standards
Risk Management increasingly part of IT Security

The SecureAware Solution
SecureAware enables your organization to:
Have efficient compliance management
Create and disseminate rational policies
Ensure organizational accountability through unique user awareness programs tied directly to your policies and process
The Human Firewall
Perform Enterprise Risk Management (ERM)
Build an Information Security Management System (ISMS) aligned directly to your business

SecureAware Modules

SecureAware Platform

Key Technical Specifications
Java 2 Platform Enterprise Edition
Major SQL Platforms Supported
  Hypersonic SQL included
LDAP and Active Directory Integration
XML, Web Services, and CSV for data exchange
Microsoft SharePoint Integration

Certify Once, Comply Many

Policy Management
Create Policies with Expert Guidance
Leverage ISO 27002 or your own policy
Link to or import related documents
Extend with industry specific standards

SecureAware Automatically
Generates PDF, Word and HTML Versions
Creates Policy Quizzes
Maps Policy against Standards and Regulations
Creates Custom role-based reports
Records who read the policy
Tracks training and awareness progress

Policy Management

Compliance Workflow Module
Fully integrated into Policy Module
Manage compliance oriented projects
  Policy Development
  Internal Audit
  External Audit
Distributes tasks to owners
Integrates with email and Active Directory

Compliance Gap Analysis Module
Check lists similar to controls in ISO 27002 & BS7799
Complete questionnaire including:
  135 Controls
  ~600 implementation guidelines
Role based compliance assessments
Individuals are assigned to different parts of compliance assessments
PDF reports with overview and details

Audit Questionnaire

Detailed Management Reporting

Risk Assessment Module
Business Impact Assessments
Vulnerability Assessments
Interest Level Assessment
Role-based Interviews
Archive for assets, systems and business processes and their relationships
PDF reporting

Risk Assessment Module
System Oriented Assessment
Qualitative Method
Use your own numerical weighting
Based on
  Confidentiality
  Integrity
  Availability
Outcomes relate to business processes

Multi-lingual Reporting

Risk Assessments – 5 Quick Steps!
1. Business Processes and IT System
   1. ID and dependencies
2. Assign Assessment Roles
3. Create and Start an Assessment Instance
4. Interviews
5. Review Draft Report

Awareness Program Module
Animated films for end users
Test for best practices and company policies
  What makes a good password
  What is the company policy for password storage

Management Reporting

Customize all Awareness Components

Animated Courseware

SecureAware Skins

Thank you

www.lightwavesecurity.com