SECURITY - GOVERNANCE - RISK - COMPLIANCE
Security Risk Assessment, IT Services
March 31, 2011
An organization had identified dependencies on several different infrastructure systems and needed a risk assessment of its current environments, which were to be transformed into a newly built data centre environment. The cybersecurity focus was to ensure Confidentiality, Integrity and Availability (CIA) of the systems' data before, during and after the transformation.
Upon client request, a separate project was launched to remediate and/or implement new requirements in order to conform to the organization's cybersecurity strategy.
The project scope in the transition and remediation plan included work to design a new security risk protection process and procedures that included requirements for specific data in all identified systems, networks, databases and applications for data protection. The transition project also created the project schedule, task list, resource estimates and budget for the transformation project to perform remediation of the information systems.
Contact Fogel Consulting through the contact form to receive further information and the possibility to present your own case and business needs.
This organization's business was under transformation from several different operating systems to one unified standard for the whole organization. During the transformation, there was a need to develop and implement a new cybersecurity risk assessment process that enabled the business to merge the right systems to the right data repositories, as there was a mix of different data stored together that needed to be segregated.
The core challenge was to review and assess the organization's security monitoring process, including recommendations for process improvements (such as detection, prevention, remediation and business continuity), and to determine whether the organization had the capability to ensure that Confidentiality, Integrity and Availability (CIA) remained uncompromised during all phases.
The project was divided into 6 separate tracks to remediate and/or implement new requirements as agreed in the organization's specified requirements.
To ensure the core goal of achieving Confidentiality, Integrity and Availability (CIA), the project's tracks were designed to include work for new security risk protection requirements on client systems, networks, databases and applications to protect data.
The goals and scope of the 6 tracks were:
Re-design and implementation of a new Information System Security Control Strategy Architecture Road Map.
Design and implementation of IDP/IDS services
Review and assessment of security risks monitoring process, including recommendations for process improvements
Design and implementation of new system security check procedure and tools for monitoring.
Design and implementation of new tools and processes for monitoring of privileged users
Development and implementation of a detailed Information System Security Controls Document (ISCD)
All deliverables created, implemented and handed over were: