alaina-charles
Challenges
- Complying with multiple regulations, requirements and best practices
- Documenting compliance and security activities
- Creating, managing and disseminating effective policies
- Tracking policy knowledge, understanding and awareness

Trends
- Complex Global Regulations
- Legal liability risks
- Supply chain and B2B trust
- Maturing standards
- Risk Management increasingly part of IT Security

The SecureAware Solution
SecureAware enables your organization to:
- Have efficient compliance management
- Create and disseminate rational policies
- Ensure organizational accountability through unique user awareness programs tied directly to your policies and process
- The Human Firewall
- Perform Enterprise Risk Management (ERM)
- Build an Information Security Management System (ISMS) aligned directly to your business

Key Technical Specifications
- Java 2 Platform Enterprise Edition
- Major SQL Platforms Supported
- Hypersonic SQL included
- LDAP and Active Directory Integration
- XML, Web Services, and CSV for data exchange
- Microsoft SharePoint Integration

Policy Management
- Create Policies with Expert Guidance
- Leverage ISO 27002 or your own policy
- Link to or import related documents
- Extend with industry specific standards

SecureAware Automatically
- Generates PDF, Word and HTML Versions
- Creates Policy Quizzes
- Maps Policy against Standards and Regulations
- Creates Custom role-based reports
- Records who read the policy
- Tracks training and awareness progress

Compliance Workflow Module
- Fully integrated into Policy Module
- Manage compliance oriented projects
  - Policy Development
  - Internal Audit
  - External Audit
- Distributes tasks to owners
- Integrates with email and Active Directory

Compliance Gap Analysis Module
- Check lists similar to controls in ISO 27002 & BS7799
- Complete questionnaire including:
  - 135 Controls
  - ~600 implementation guidelines
- Role based compliance assessments
- Individuals are assigned to different parts of compliance assessments
- PDF reports with overview and details

Risk Assessment Module
- Business Impact Assessments
- Vulnerability Assessments
- Interest Level Assessment
- Role-based Interviews
- Archive for assets, systems and business processes and their relationships
- PDF reporting

Risk Assessment Module
- System Oriented Assessment
- Qualitative Method
  - Use your own numerical weighting
  - Based on
    - Confidentiality
    - Integrity
    - Availability
- Outcomes relate to business processes

Risk Assessments – 5 Quick Steps!
1. Business Processes and IT System
   1. ID and dependencies
2. Assign Assessment Roles
3. Create and Start an Assessment Instance
4. Interviews
5. Review Draft Report

Awareness Program Module
- Animated films for end users
- Test for best practices and company policies
  - What makes a good password
  - What is the company policy for password storage

Management Reporting