SmartESA - Enterprise System
Assessment Solution
While many firms
focus on technical vulnerabilities and shortcomings, Seismo
Technologies has postured itself to focus on core business
values and business impacts of Privacy and Cyber Threats.
We believe that in order to properly determine an organization's
security "health", the people and the processes, not technology,
take precedence in any security operation. This can only be
done through Risk Management.
Risk Management
is defined as:
"The
process that allows stakeholders to balance the operational
and economic costs of protective measures and achieve gains
in mission capability by protecting business processes that
support the core business values that are mission critical
to the enterprise."
How Does
SmartESA Fit Into The SDLC Compliance?
The SmartESA is based upon an internationally
recognized and certified CBK (Common Book of Knowledge), which
allows for adoption by an organization as a standard for policy
and procedure implementation.
The SmartESA Solution
process covers the CBK common criteria of:
CONFIDENTIALITY,
INTEGRITY, AVAILABILITY
The SmartESA
process incorporates compliance of the International Standard
of Information Security (ISO 17799), and the National Institute
of Standards and Technology (NIST 800-26).
SmartESA follows the iterative process with
full compliance in System Development Life Cycle (SDLC) Capability
Maturity Model (CMM) as illustrated in RMP
(Risk Management Process) model diagram:
SEISMO SOLUTIONS:
SEISMO
ADVANTAGE:
The SmartESA is a team approach with involves
the organization's business knowledge. We understand that
you know your business better than anyone else.
By providing the very highest quality of security expert facilitators
to manage the Enterprise System Assessment, a minimal amount
of time is needed to develop and fine-tune a total business
security assessment. Our highly streamlined process can often
turn a 3 month assessment project into a 5 - 7 day process,
saving you time and money.
|
