The service, how it works

4 phases to design IT security tailored to your company.

1

Preliminary Evaluation

Free and without obligation

The objective of this phase is to identify together the needs and the most important criticalities in terms of IT Security to estimate the service and the project times.

Details

Sharing of the organization's objectives in terms of Information Security and Resilience

Estimation of the initial situation

Understanding of the organization.

Definition of the scope of intervention and the internal resources involved.

Identification of the main criticalities

Estimate of the number of days required for the second phase "Definition of the Security Program".

I'm interested
Fase2
2

Safety Program Design

Definition of the intervention and maintenance programs that will form the basis of the service contract

Details

Understanding of the organizational / business model

Knowledge of organizational structures

Acquisition of the main processes

Asset assessment (identify what needs to be protected)

Vulnerability analysis e risk assessment

Proposal of interventions and priorities

Sharing of goals

Formalization of the Security Program 

Service contract proposal

Fase3
3

Implementation of the Security Program

The essential condition to be successful in a transformation process like this is to establish a relationship of mutual trust and understanding between the CISO and the organization.

Details

Implementation of the agreed Security Program

Periodic meetings with the heads of operational functions

Implementation of the techniques and tools identified

Staff awareness and training program 

4

Verification of the results and evolution of the Safety Program

Maintenance and evolution of the Information Security Program.

Details

Continuous verification and adjustment of risks and solutions in the field

Management of service levels of security solution providers

Support to business functions

Periodic reports on deviations and recommendations for repayment plans

Constant and direct involvement of the Management

lance-asper-tx3YTxZn6RA-unsplash
Information Security is not bought on the market

Security is the result of processes that include people, skills, behaviors, tools and services and that require effort and time to function properly. 

Contact