ISO-27002-(17799) News
SystemExperts Unveils Security Standard Compliance Offering
(July 09, 2007) -- SystemExperts, a premier provider of IT compliance and network security consulting services, today announced the launch of its enhanced ISO 17799/27002 Compliance Program. Designed to help companies build effective security organizations, policies and practices, SystemExperts’s ISO 17799/27002 Compliance Program will be of value to organizations looking to measure or demonstrate the use of security best practices to prospective partners, ensure that security resources are applied wisely, and focus their efforts on activities that will address real business risk. The ISO 17799/27002 Compliance Program provides a cost-effective method for identifying weaknesses in security policies, practices, and mechanisms and addressing them through a structured program.
ISO 17799/27002 is an international standard that defines a comprehensive security framework. This balanced framework serves as the basis for both measuring an organization’s effectiveness in addressing risk and structuring an organization’s overall security program.
The ISO 17799/27002 Compliance Program consists of three parts: education, assessment, and remediation. The education phase (Study Session) allows organizations to understand how the standard applies in the context of their unique business environment and risks. The assessment compares the company’s practices to those specified in the standard. Next, the remediation phase allows companies to implement recommendations resulting from the assessment and achieve a level of compliance with the standard. After remediation is complete, SystemExperts provides a Compliance Statement. At each step, SystemExperts helps the organization identify security measures that address risks in a cost-effective manner.
“SystemExperts’s ISO 17799/27002 Compliance Program has given Harvard Management Company a clear sense of what we are doing well, what we need to improve, and what we weren’t doing at all. The preliminary Study Session helped us to understand what the standard is all about and how to apply it to our business,” said John Bergen, Chief Information Officer of Harvard Management Company, the organization responsible for managing Harvard University’s $30 billion endowment.
“The ISO 17799/27002 Compliance Program has proven useful to organizations looking for a cost-effective way of demonstrating compliance with an objective security standard. This enables organizations to eliminate the burden of repeatedly performing security reviews for prospective customers or business partners. In addition, SystemExperts’s ISO 17799/27002 Compliance Statement makes it easy for organizations to communicate that they have a comprehensive security program in place,” said Richard Mackey, vice president of SystemExperts.
SystemExperts develops security architectures, performs network penetration and application vulnerability testing, develops security policies, provides emergency response to hacker attacks, and assesses compliance with relevant regulations and standards (ISO 17799/27002, PCI, SOX and HIPAA).