As a tactical discipline, Managed Compliance ensures that appropriate actions are being taken to execute Information Security Governance objectives, based on stated risk tolerance. The service is provided by senior and accredited information security advisors that regularly assess the effectiveness of technical and organizational controls in meeting internal policy as well as external industry and regulatory requirements.
A compliance plan is developed and monitored, enabling organizations to quantify and use compliance risk as a key metric when making and enforcing security policy, regulatory and industry requirements, align their efforts and priorities with the organization’s strategic goals and satisfy auditors and regulators.
Clients receive regular detailed compliance assessment reports on the overall status of systems, areas of non-compliance and guidance on how to return these systems to compliance. Clients also receive trend reporting and analysis that helps them determine if their overall security posture, as well as each individual security discipline area is getting better or worse and why.
The Services are enhanced by the SWORDFISH Platform, an Obrela Security Industries developed software especially for security policy, processes management and compliance monitoring.
- Regular Compliance Assessments
- Compliance Planning
- Regular Reporting
- Subject Matter Advice
- Decision Support