Скоро материал придет на указанную электронную почту. Также подписывайте на нас в Facebook
ICL Services standard for information security management of service projects
Information security incidents can be very damaging to business. According to 60% of directors and heads of financial departments and organizations, cyber security is one of the most serious risks (ACCA study), and the responsibility for ensuring cyber security often falls on IT specialists alone.
In order to establish unified requirements for information security management of commercial projects and define standard IS measures aimed at ensuring compliance with the requirements and reducing IS risks in service projects, ICL Services created a special Information Security Management Standard. The standard was created on the basis of ISO 27001, the recognized international standard for IS management.
The users of the standard are the Company’s employees in executive positions within the framework of service projects. The IS management standard consists of a risk-based approach. This involves conducting an analysis of IS risks and customer requirements for each project, after which measures to ensure IS are implemented. The way in which the same IS measures are implemented may vary from project to project.
In order to assess the level of maturity of the IS management process of a particular project, as well as to further improve the IS management processes within the project, ICL Services has developed a 4-level maturity model:
- Level 4 is the highest. This level is not always needed.
- Level 3 is the target level. The objective of Level 3 projects is to support it.
- Level 2 is the minimum allowable level. The objective of Level 2 projects is to reach Level 3.
- Level 1 is the lowest. This level is considered a risk for IS. The objective of Level 1 maturity projects is to achieve at least Level 2 maturity.
The level of maturity is assigned based on the results of the IS internal audit of the project and is recorded in the audit report. The parameters by which the maturity level is estimated include compliance with customer requirements in the field of IS, IS risk management within the project, communication, team awareness, access control and others.
The information security management standard was developed in 2015. During 4 years of work, it was implemented in many of the company’s Russian and international projects. As noted by project managers, thanks to the implementation of the IS management standard, these projects have significantly reduced IS risks, and as a result, the number of incidents and escalations has decreased, and customer satisfaction has increased.
- 12 May
We tell how our company supports more than 80 applications for German clients.
- 4 June
ICL Group is the top 20 Russian IT company in the RIA Rating.
- 4 August
We support hundreds of software projects. so the concept of «maintainable code» is one of the most principal for us.
- 10 September
Corporate data security monitoring and availability of corporate applications and services on mobile devices are provided by MDM solutions.
- 4 April
IT outsourcing as a way to optimize budget without hurting company's performance.
- 27 April
The demand for cloud computing in Russia is real.
- 21 July
The latest issue of PULSE magazine established by IAOP outsourcing association (International Association of Outsourcing Professionals®)
- 17 May
The session will be held on June 22, 2017 in Moscow in the business center "Novinsky Passage" at the studio CulinaryOn.
- 20 September
A proper approach to workflow management creates a basis for the introduction of other components of the "social platform" at the company.