New Information Risk Assessments Scale to Meet the Security Protection and Privacy Compliance Needs of Global Companies
Informatica Security exclusively offers the acclaimed FlexSecure Verify™ information risk methodology. The unique service scales to meet the compliance and business risk objectives of diverse organizations, offering the industry's most complete range of professional security assessments.
PR9.NET June 18, 2007 - Toronto - Toronto-Based Informatica Security has expanded its global service portfolio to meet the needs of smaller organizations with the broadest range of security assessment options available.
Global firms in diverse industries and government agencies face the mounting pressures of compliance requirements and industry standards, designed to protect them, their clients and the public against the almost infinite variety of threats to information assets, financial risks and identity theft. Many organizations are required to simultaneously comply with multiple laws, standards and practices while regularly repeating audit procedures.
Most organizations find this process extremely resource-intensive, expensive and in many cases, ineffective. Many fail their audits while others see inconsistent service levels from companies hired for their expertise in conducting information risk audits. Informatica's president, Claudiu Popa is one security and privacy expert who believes that the situation is not sustainable and further pressure will make organizations less likely, rather than more likely to become compliant. He said "we are seeing both auditors and their clients skipping steps, failing to address critical risks and creating dangerous situations where a false sense of security leaves the organization open to attack and customers vulnerable to privacy and identity theft. This is absolutely unacceptable and we worked hard to ensure that our proprietary security assessment methodology addresses the situation."
Not all security assessments are created equal
Informatica's Verify methodology is designed to be applied to a vast number of situations, from global enterprises struggling to contain the costs of Sarbanes-Oxley audits to small retailers that need to comply with the evolving VISA PCI standard. Organizations around the world can register for an information security or privacy review (FlexSecure Verify Gold), a standards compliance audit (FlexSecure Verify Platinum) or a comprehensive threat and risk assessment (FlexSecure Verify Titanium). Each solution is based on a recurring model with recommended intervals of 3 to 12 months between assessments, although one-time assessments continue to be a popular choice for many organizations: "We find that companies come back every 6 to 12 months to conduct risk assessments, but they occasionally change the focus of the project from analyzing the risk of internal applications to gauging the physical security of their data centres. Our certified security experts are able to accommodate almost any situation, but we recommend adequate planning before any such undertaking to maximize effectiveness".
Informatica Research experts estimate that between 20% and 50% of all information security assessments conducted in the industry today are ineffective due to improper planning, inadequate resources or unqualified auditors. The company works with management and internal audit or IT staff to properly plan and communicate the essential aspects of each project before it takes place. For organizations that do have qualified in-house personnel, Informatica Security offers a version of FlexSecure Verify that can be completed jointly with its security experts, leading to significant savings in both cost and time.
World-class information security assessments and compliance audits
The FlexSecure Verify family of recurring audits and assessments is the only service line based on 15 years of diverse best practices and industry standards-based business assessments, product testing and policy audits. As Informatica's flagship service, Verify helps dozens of organizations protect themselves and their client base each year, with a methodology designed to uphold industry standards such as ISO17799, SysTrust, PIPEDA, Sarbanes-Oxley, GLBA, FISMA, HIPA, PHIPA and any other risk-based compliance requirement. Verify engagements are complemented by detailed reports and presentations on the security posture of products, networks, systems, Web sites and/or applications.
For media enquiries and information risk management solutions:
Claudiu Popa, CISSP, PMP, CISA
President & CSO, Informatica Corporation
# # #
About Informatica Security Corporation
Toronto-based Informatica is Canada's leading security consulting company, with over 40 certified professionals across the country and 5 divisions dedicated to information security services.
|Recent News Headlines
|Industry Category of Current Press Release