SecureAware Building an Information Security Management System
Challenges
- Complying with multiple regulations, requirements and best practices
- Documenting compliance and security activities
- Creating, managing and disseminating effective policies
- Tracking policy knowledge, understanding and awareness
Trends
- Complex Global Regulations
- Legal liability risks
- Supply chain and B2B trust
- Maturing standards
- Risk Management increasingly part of IT Security
The SecureAware Solution
SecureAware enables your organization to:
- Have efficient compliance management
- Create and disseminate rational policies
- Ensure organizational accountability through unique user awareness programs tied directly to your policies and process
- The Human Firewall
- Perform Enterprise Risk Management (ERM)
- Build an Information Security Management System (ISMS) aligned directly to your business
SecureAware Modules
SecureAware Platform
Key Technical Specifications
- Java 2 Platform Enterprise Edition
- Major SQL Platforms Supported
- Hypersonic SQL included
- LDAP and Active Directory Integration
- XML, Web Services, and CSV for data exchange
- Microsoft SharePoint Integration
Certify Once, Comply Many
Policy Management
- Create Policies with Expert Guidance
- Leverage ISO or your own policy
- Link to or import related documents
- Extend with industry specific standards
SecureAware Automatically
- Generates PDF, Word and HTML Versions
- Creates Policy Quizzes
- Maps Policy against Standards and Regulations
- Creates Custom role-based reports
- Records who read the policy
- Tracks training and awareness progress
Policy Management
Compliance Workflow Module
- Fully integrated into Policy Module
- Manage compliance oriented projects
  - Policy Development
  - Internal Audit
  - External Audit
- Distributes tasks to owners
- Integrates with and Active Directory
Compliance Gap Analysis Module
- Checklists similar to controls in ISO & BS7799
- Complete questionnaire including:
  - 135 Controls
  - ~600 implementation guidelines
- Role based compliance assessments
- Individuals are assigned to different parts of compliance assessments
- PDF reports with overview and details
Audit Questionnaire
Detailed Management Reporting
Risk Assessment Module
- Business Impact Assessments
- Vulnerability Assessments
- Interest Level Assessment
- Role-based Interviews
- Archive for assets, systems and business processes and their relationships
- PDF reporting
Risk Assessment Module
- System Oriented Assessment
- Qualitative Method
- Use your own numerical weighting
- Based on Confidentiality, Integrity, Availability
- Outcomes relate to business processes
Multi-lingual Reporting
Risk Assessments – 5 Quick Steps!
1. Business Processes and IT System
   1. ID and dependencies
2. Assign Assessment Roles
3. Create and Start an Assessment Instance
4. Interviews
5. Review Draft Report
Awareness Program Module
- Animated films for end users
- Test for best practices and company policies
  - What makes a good password
  - What is the company policy for password storage
- Management Reporting
Customize all Awareness Components
Animated Courseware
SecureAware Skins
Thank you