Ideal Security Operation Center
We provide consulting, legal support, compliance (ISO 27001, PCI-DSS, ISO 22301, GDPR, SOX, HIPAA) and internal policies (auditing and consulting to implement internet policies) services.
See-Secure compliance service provides consultancy and guidance through the process.
The general approach of this project will involve several key activities, to be carried out by a team of security and privacy specialists:
Phase 1: Identification
Private-Data Mapping
Main objectives:
- Identify, document and confirm all business processes and IT assets.
- Identify and document all Private Data instances in all sources and locations in the environments associated with the business processes and IT assets.
- Document all entities involved in each process (e.g. process owner, business owners, department).
- Map interfaces to other processes in the business.
Deliverable:
- Personal Data Process and Asset chart.
Produce a Private-Data Asset and Process Inventory
Main objective:
- Create a formal register of Private-Data, for each underlying IT system and overlaying process.
Deliverable:
- Organizational Processes and Assets inventory, inclusive of the data mapping elements: Physical/Logical Location of each data instance, Data Owner, Data Flow (input and output routes), Access Control, Replication and more.
Phase 2: Compliance Assessment and Implementation
Compliance Analysis
Objectives:
- Based on the Data Mapping, evaluate existing and missing regulation controls and compliance objectives
- Determine overall posture against regulation
Deliverable:
Regulation Compliance report, including the following elements:
- Executive Summary
- Existing/missing compliance regulation processes and controls
- A quantitative figure expressing the compliance posture
Remediation and Recommendations
- Provide an account of how compliance can be achieved
- Mitigation factors required to facilitate compliance with the Compliance
Work-Plan Assessment
Objectives:
- Continuously track and monitor compliance process activities
- Perform a periodic compliance progress assessment
- A quantitative figure expressing the compliance posture
Deliverable:
- Updated Compliance report