Every organisation needs to properly manage and protect information, both its own and the data entrusted to it by its customers. An international standard (ISO27001) exists to help organisations implement the controls necessary to achieve this important objective, but this is commonly perceived as being complicated, expensive, disruptive to implement properly, and a potential cash machine for "day rate consultants".
InfoSaaS, powered by Ctrl O, has been developed to make information security an achievable goal for all organisations, from SMEs to large corporates. It will help to provide valuable protection for your company, promoting your commitment to data security and helping to differentiate your offerings from your competitors. It's cloud based, requires no additional software, is easy to use and is provided for a low monthly cost. With over 20 years' experience in delivering certified systems to companies around the world, the creators of InfoSaaS know how you should be protecting your business.
InfoSaaS helps you to identify the important information and other assets (for example, premises, hardware, software etc.) and guides you through a risk assessment process to measure the threats and vulnerabilities that they could be subject to. It also contains workflows for managing unacceptable risks, security incidents, document management and a host of other useful features - all designed to help you deliver an effective, operational security management system quickly and with a minimum of fuss. Customers can choose the specific elements that they need, or use the whole solution to deliver their accreditation objectives.
If you have some previous experience with information security, or have perhaps attempted to achieve ISO27001 certification before, the following "top ten" of features will demonstrate what InfoSaaS has to offer:
- Management dashboard, see at a glance the current status of all your information security activities and workstreams
- Define thresholds for risk acceptance, and related parameters specifically aligned to the needs of your organisation
- Undertake detailed risk assessments, perhaps using one of a library of standard asset risk templates, or create templates of your own
- Progress risk treatment activities for any unacceptable risk levels identified during your various risk assessments
- Automatically populate your Statement of Applicability (as required by the ISO27001 standard) as each risk assessment is completed
- Integrated security incident module, allowing for prompt logging, investigation and closure of reported incidents
- Integrated document management suite, assisting with document identification, ownership, approvals and planned review cycles
- Calendar management, providing visibility of forthcoming (and overdue) management reviews, risk assessments, audits, document reviews etc.
- Aligns with ISO27001:2013, and provides helpful cross-references to PCI DSS, CSA CCM and the UK Government Cyber Essentials Scheme for SMEs
- A practical, effective and integrated solution, affordable to all sizes of organisations whatever their sector
If you would like more information on InfoSaaS, or be kept updated, please take a look at http://www.infosaas.uk.
