clockworkisms
DESCRIPTION
A lightweight, high quality, customisable business process management solution for compliance and governanceTRANSCRIPT
ClockworkISMS
…solutions for information security governance
What’s your challenge?
Your challenge?
Need to reduce costs of compliance?
Need to remove duplication of effort across multiple external and internal standards?
Need greater visibility of progress against schedule for risk assessments with on-demand dashboards?
Need better metrics to demonstrate compliance and improvements in risk management?
Need to improve timeliness, and remove bottlenecks and delays in managing risks?
ClockworkISMS is a lightweight, high quality, customisable business process management solution for the management
of information security and compliance requirements
ClockworkISMS Modules
Here are the typical 3 modules which we deploy
Operational Security Deviation against Policy (including renewal scheduling) Vulnerability Tracking Security Alert Tracking ….many other team processes and tasks
Risk Assessment Examples include ISO27001, PCI DSS, IT SOX, ITIL Internal Audit Working Papers Self-assessment against internal organisational standards
Risk Management Manual or auto-logging of new risks from other modules Full audit trail, scheduling and tracking for Risk Acceptance Risk Remediation tracking, quality review and closure
From tactical to strategic…Benefits ClockworkISMS Documents
and Spreadsheets
Protect our brand Yes Evidence?
Meeting legal and audit requirements Yes Evidence?
Mitigate risks to acceptable level Yes Evidence?
Strategic, risk based approach to information security aligned with business objectives
Yes Evidence?
Identify opportunities to reduce costs of information security and avoid duplication
Yes Evidence?
Communication tool across functions and levels – a security conscious culture
Yes Evidence?
Our target market
Organisations who can … achieve significant competitive advantage
from improved information security have regulatory, legal or contractual
requirements which require them to demonstrate effective information security management
require bespoke or customised workflow solutions to implement in-house standards
would like to achieve cost savings from improved efficiency and performance
Key Features
Easy to understand and develop workflow diagrams demonstrating your compliance process
Automatic audit trail for each task, process and user
Automatic scheduling of tasks to meet the compliance requirements in a timely manner
Flexible and informative management dashboards of progress and efficiency including backlog and ‘bottleneck’ reports
Easy integration with other databases such as HR, asset inventory, risk management database and many others
Just some of the benefits…
Reduced cost of compliance through improved efficiency as framework is pre-scripted and automatically controlled
Automatic scheduling into work queues for the relevant teams, with email alerting, leading to improved timeliness of risk management tasks
Informative business process statistics which allow further process improvement through identification and tracking of key facts
On-demand dashboards of progress for improved management control at your fingertips, with customised reporting available to end-users as standard
Measure Success
Has the IT audit opinion improved?
Are policies reviewed in a timely manner and complied with?
How well do staff know of the IT Security organisation?
Requests and Reports received without chase-ups
Value of business projects reviewed for compliance
Impact of incidents: cost, impact, internal capability
Typical Solutions
Travel Industry Challenge: Multiple locations spread across the globe with
high costs of travel and review
ClockworkISMS Solution: Increased use of self-assessment for low-risk locations attaching audit evidence remotely using web-based solution, allowing greater focus on higher risk hubs
Financial Services Challenge: Multiple overlapping standards which required
duplication of effort and separate reporting requirements
ClockworkISMS Solution: Design of a single customised risk assessment review process which covered all standards, and had automatic filtering of on-demand dashboards
Online Demonstration
Visit our online demonstrations atwww.delaneyconsulting.co.uk
or why not ask for an onsite demonstration?