Information Security Management ISM

At SOAProjects, we recognize that the risks associated with information security are increasing with the ever-changing world of technology and its continued integration into the infrastructure of critical business functions. Our professionals assist our clients in assessing and establishing appropriate safeguards for their existing information systems, identifying security-systems gaps and vulnerabilities and provide value-added industry best practices recommendations to manage the risks. Our Security Assessment capabilities include:

• Information Security Management - ISO 27001
• Identity Management
• User Provisioning and SOD Assessment
• Data Protection and Data Privacy
• Development of best practice Information Security Policies and Procedures
• Ethical Hacking and Penetration Testing Services

Information Security Management - ISO 27001

Information Systems are prone to potentially expensive security risks and threats leading to high client concern for information protection. An effective information security management system will be able to substantially reduce the information security risks. Our information security management service will lay a strong foundation for your company as we have:

• Deep understanding of the strengths and weaknesses of your enterprise-wide security practices
• Alignment with internationally recognized security standards
• Confidence that your security resources are being allocated appropriately
• Benchmarking of your organization against industry and geographic peers
• Enhanced communication with your Board and other stakeholders on security

Our approach to ISO 27001 compliance:

Identity Management

With increasing trend in complexity of IT infrastructure, multiple applications to meet the business requirements, managing users across organizations, end-user resistance to being held responsible for managing credentials and security requirements to preserve privacy and prevent identity theft, many large companies are struggling to unify the identity management process with a limited budget allocated to them.

Our consultants with extensive experience in the user management process and deep understanding of the complex IT infrastructure will be able to support the Identity Management requirements.

User provisioning and SOD Assessment

Segregation of Duties is a critical control issue for many companies which can result in fraudulent activities and errors as multiple conflicting tasks are performed by one individual. Sarbanes Oxley Act 2002 has placed a requirement on the publicly traded companies to increase the priority and visibility of segregation of duties. Our methodology implements Segregation of Duties by identifying sensitive tasks or authority which when combining can result in fraudulent activities.
Our SOD assessment solution examines the relationship between user provisioning and SOD and provides full lifecycle provisioning management for user profile attributes entitlements and approvals. The automation and integration of provisioning enables consistent application of business rules across complex enterprises which will help automate and centrally manage tasks. Our solution considers all core business processes and across all enterprise applications in addressing segregation of duties and compliant provisioning.
Our consultants have hands on experience in market leading SOD tools like Virsa, Approva, LogicalApps, etc. and will help you in effective and efficient implementation.

SOAProjects has custom tools that facilitate mapping client policy to ISO, CobiT©, COSO, PCI and various recognized and client specific standards for best practice in Information Security Management.  For more information, please refer to documentation found at our Publications page.