ICL Services
12 September 2019


Скоро материал придет на указанную электронную почту. Также подписывайте на нас в Facebook


ICL Services standard for information security management of service projects

Information security incidents can be very damaging to business. According to 60% of directors and heads of financial departments and organizations, cyber security is one of the most serious risks (ACCA study), and the responsibility for ensuring cyber security often falls on IT specialists alone.

In order to establish unified requirements for information security management of commercial projects and define standard IS measures aimed at ensuring compliance with the requirements and reducing IS risks in service projects, ICL Services created a special Information Security Management Standard. The standard was created on the basis of ISO 27001, the recognized international standard for IS management.

The users of the standard are the Company’s employees in executive positions within the framework of service projects. The IS management standard consists of a risk-based approach. This involves conducting an analysis of IS risks and customer requirements for each project, after which measures to ensure IS are implemented. The way in which the same IS measures are implemented may vary from project to project.

In order to assess the level of maturity of the IS management process of a particular project, as well as to further improve the IS management processes within the project, ICL Services has developed a 4-level maturity model:

  • Level 4 is the highest. This level is not always needed.
  • Level 3 is the target level. The objective of Level 3 projects is to support it.
  • Level 2 is the minimum allowable level. The objective of Level 2 projects is to reach Level 3.
  • Level 1 is the lowest. This level is considered a risk for IS. The objective of Level 1 maturity projects is to achieve at least Level 2 maturity.

The level of maturity is assigned based on the results of the IS internal audit of the project and is recorded in the audit report. The parameters by which the maturity level is estimated include compliance with customer requirements in the field of IS, IS risk management within the project, communication, team awareness, access control and others.

The information security management standard was developed in 2015. During 4 years of work, it was implemented in many of the company’s Russian and international projects. As noted by project managers, thanks to the implementation of the IS management standard, these projects have significantly reduced IS risks, and as a result, the number of incidents and escalations has decreased, and customer satisfaction has increased.


Related news

    Contact us

    Contact Press Service
    Phone +7 (843) 567-15-88


    Stay informed

    Subscribe to our newsletter and keep up with our latest news

    Subscribe to newsletter
    icl-services.com uses cookies, and by continuing browsing the website you give your consent to the use of cookies by us. Otherwise you should leave our website after reading this.

    Задать вопрос эксперту

    Наименование организации*

    Заказать звонок

    Контактный телефон*