GOVERNANCE. Overview. The Governance Module can address all applicable standards and regulations.

Similar documents
Be Remarkable. CONTRACT LIFECYCLE MANAGEMENT SOFTWARE. Software Overview OVERVIEW. Additional Available Professional Services

SOLUTION BRIEF DOSSIER MANAGEMENT

This guide which is primarily intended for administrators and supervisors includes the following sections:

Enterprise Contract Management RFI/RFP Checklist

collaborative solutions core product features and benefits Construction Collaboration Software. SaaS.

DocAve Governance Automation

HP Cloud Maps for rapid provisioning of infrastructure and applications

CheckMate s Collections Datasheet

Aprimo Marketing Productivity

white paper An Overview of SURE A Software Configuration Management Solution for Developers of Composite Applications for ClearPath Systems

Vendor Cloud Platinum Package: Included Capabilities

Productivity Management INTELLIGENT COLLABORATION SOLUTION

Benefits. + + Consistent quality to recipe specification. + + Increase asset utilization and operational efficiency

OBJECTIVE PERFORM FOR CONTENT MANAGER

DETAILED COURSE AGENDA

AGILE ITIL SOFTWARE. Data Sheet AGILE ITIL SERVICE DESK AND ITSM JUMP START YOUR SERVICE DESK ITIL CERTIFIED PROCESSES WHOSE ITIL?

INCREASING YOUR LABORATORY PRODUCTIVITY

IBM Tivoli Monitoring

Contract Manager Data Sheet

it s project management integrated. intuitive. intelligent

ipm IPM PROJECT MANAGEMENT it s project management Integrated. Intuitive. Intelligent

WORKFLOW AUTOMATION AND PROJECT MANAGEMENT FEATURES

Office 365 Governance & Security

Blueprint OneWorld Product Packages Webinar. Presented by Bianca Tomoni

Enterprise Compliance Management for Credit Unions

Release & Deployment Management PinkVERIFY

SAP SuccessFactors Foundation

Business Risk Intelligence

81059: Customization in Microsoft Dynamics 365 for Sales and Customer Service Duration: 02 days

Oracle Policy Automation Cloud Service

Concept Searching is unique. No other statistical search and classification vendor puts compound terms in their index. This technique delivers high

April Microsoft Corp. All rights reserved

SSL ClearView Reporter Data Sheet

Atlant s atwatch CAPA TM. Corrective and Preventive Action System (CAPA) Product & Services Bundle for

IBM Data Security Services for activity compliance monitoring and reporting log analysis management

ipm it s project management Integrated. Intuitive. Intelligent IPM PROJECT MANAGEMENT WITH INTEGRATION TO MICROSOFT DYNAMICS NAV

SIEBEL CRM ON DEMAND SALES

Is a company into services that caters to Risk advisory Information Security transformation, Security assurance and managed services.

CRM Boot Camp for Dynamics 365

proalpha ERP CAD Integration ERP for SMEs

What s New in BMC FootPrints Service Core version 12

ATLASSIAN TOOLS INCREASE PRODUCTIVITY AND ROI FOR LARGE RETAIL COMPANY 2016 ATLASSIAN TOOLS INCREASE PRODUCTIVITY AND ROI FOR LARGE RETAIL COMPANY

Wonderware InBatch 2012 R2

Ultimus Adaptive BPM Suite V8 Product Brief Page 2

Oracle Risk Management Cloud. Release 13 (updates 18A 18C) What s New

Wonderware InBatch 2012 R2

SAS Decision Manager

Secure, Efficient Content and Submission Lifecycle Management. QUMAS R&D Solution TM

Introduction to SEND Assurance Tool

Office 365 Governance & Security

Solution Components Sugar 6.5 Release

SPI SPEL SP-P&ID USING SMARTPLANT FOUNDATION

MICROSOFT BUSINESS SOLUTIONS GREAT PLAINS. Release 7.5 Extensions

Industrial IT System 800xA Engineering

10/16/2018. Kingston Governance, Risk, and Compliance

If employees have more than one job with you with different terms and conditions, Safe EMS can cater for multiple contracts.

A BPTrends Report. March

Alchem-e CCM Platform HELPING TO IMPROVE PERFORMANCE THROUGH INFORMATION

1Z Oracle Eloqua Marketing Cloud Service 2017 Implementation Essentials Exam Summary Syllabus Questions

Salesforce Lightning Partner Management

Deswik.MDM Mining Data Management

STREAM Integrated Risk Manager Take control of your GRC

codebeamer ALM supports Aviation Development and Regulatory Compliance (DO-178B/C, DO-254, and more)

_ PRODUCT OVERVIEW EFFECTIVE AUGUST 6, 2018 PRODUCT OVERVIEW

Module Introduction COPYRIGHT

Project Management Portal Webparts Implementation Applying MOSS 2007 to Enterprise

ReconArt for NetSuite

Avature Refer. Get Engaged to Talent V 1

SOFTWAREONE PYRACLOUD PLATFORM

OneShield Enterprise Solutions: OneShield Claims. Simplify and automate every stage of your claim lifecycle

"Charting the Course... MOC A System Center 2012 Service Manager. Course Summary

Symantec ediscovery Platform, powered by Clearwell

Microsoft Dynamics ERP Translation Solution as a Service

DAM Requirements Checklist

Skelta. SharePoint Accelerator POWERED BY SKELTA BPM. Business Process Management for All.

Skelta. SharePoint Accelerator POWERED BY SKELTA BPM. Business Process Management for All.

Administration & Security Essentials FOR MICROSOFT DYNAMICS AX 2012 R3

Galaxy Knowledge Management System

Simplifying the Risk & Compliance THE PREMISE

An Introduction to beas Manufacturing

Migration Use Cases with the Migration Manager IBM Redbooks Solution Guide

IBM Workplace Simply A Better Way

Embla Enterprise. Sleep Business Software

NETSUITE CLOUD SRP FOR SERVICES COMPANIES

Business Process Management Platform. Software for streamlining processes with automated workflows and customised e-forms

ACTIVEDOCS OPUS SHAREPOINT INTEGRATION MODULE

IBM Exam C IBM SmartCloud Control Desk V7.5 Change Configuration Release Management Implementation Version: 6.0

Oracle Service Cloud. New Feature Summary. Release 18C ORACLE

Nintex Workflow, Forms and Mobile 2013

Laserfiche and SharePoint Integration. Your Potential, realized. Learn More Inside

Onboarding - Client Guide. March 2018

Compliance Management Solutions from Novell Insert Presenter's Name (16pt)

An Introduction to An Introduction to. BIRST Infor EAM

Administration & Security Essentials

Independent Software Vendor. Established in A company of Greek interests (Societe Anonyme, privately held)

What s new in Teamcenter Service Pack

CENTRE (Common Enterprise Resource)

Remedy Change Management 4.0

Jakarta ServiceNow Governance Risk Compliance. Last updated: February 13, 2019

Continuing the Evolution of Real-Time Payments in the U.S.

Transcription:

GOVERNANCE Overview The platform facilitates the design and development of Information Security Frameworks supported by embedded content and process models that vary depending on the industry sector as well as related standards and regulations. The SWORDFISH Governance Module enables the development of Information Security Content including information security policies, standards and procedures. Module users can leverage the embedded content library, which includes documents for every security requirement, standard or policy or can develop new from scratch using the embedded functionality for document management and writing. Content can then be published through the CISO portal so users can review and accept through a formal acceptance procedure. Policies, Standards, Guidelines and Procedures can equally be drafted and streamlined based on a workflow for acceptance that can be tailored according to the organization s roles and structure. The Governance Module can address all applicable standards and regulations. It is developed as a platform that can be tailored to the organization operating environment and structure. Operation and enforcement of the IS Policy is achieved using a powerful workflow engine and the ability to insert, edit, manage, execute and monitor the implementation of information security procedures. Policy Management The Swordfish Platform offers embedded functionality, via the Policy Editor, a user-friendly Content Management and Document development toolkit used for the development, maintenance and management of Information Security Documents (Policies, Procedures, Standards, Guidelines, Questionnaires) along with a workflow module used also for the design, development and real time enforcement of procedures. The integrated graphical user interface of the content / document Management module is simple and self-explanatory in order to be used by simple, non IT specialized or power users. SWORDFISH: Governance - page 1/6

Content Management The Swordfish Platform includes a content library, which can be reused to modify or develop new versions of ISF documents. The selection is based upon a structured list of contents with live preview for applicable amendments or add-ons. Users select the desired data in order to build document sections or paragraphs that should finally comprise the new document. Document upload is also fully supported (word, excel, pdf etc). Versioning of all the ISF documentation is performed automatically. Workflow Engine An embedded, sophisticated and powerful workflow engine can enforce security policies through automated and streamlined procedures that can be developed using the workflow builder embedded functionality. The procedures develoment process is structured upon a simple and solid 5-step concept allowing users with no extensive technical skills and knowledge to design workflows. A step by step approach within a user-friendly interface utilizes self-guided features such as readily available drop down menus, tick boxes and pre-configured action lists. Awareness and Training SWORDFISH facilitates on-line training and awareness through the CISO portal. Training and Awareness content can be tailored to the organization needs. Material can be distributed to Targeted Audiences. Awareness and Training efficiency and effectiveness can subsequently be evaluated using questionnaires developed based on content. The Universe One of the primary elements of SWORDFISH is the Universe Functionality. Universe functionality enables users to upload all information assets using a logical representation that enables security management in terms of risk and exposure. Assets can be assigned attributes that include criticality, ownership, physical location, information classification, type etc. All assets are logically represented under a relational ontology based on a business product decomposition method specifically developed to address risk assessment requirements. SWORDFISH: Governance - page 2/6

Policy Management Design and develop Information Security Frameworks Leverage the embedded content library, which includes documents for every security requirement, standard or policy or develop new from scratch using the embedded functionality for document management and writing. Integrate with workflows Address all applicable standards and regulations and tailor to the organization operating environment and structure. Content Management Leverage the Policy Editor, a user-friendly Content Management and Document development toolkit used for the development, maintenance and management of Information Security Documents Versioning of all the ISF documentation is performed automatically. Policy Enforcement Enforce Security Policies using the powerful workflow engine Manage, execute and monitor the implementation of information security procedures 1. ISF Management Versioning Full versioning for all artifacts is supported by default. Automatic version control of Documents, Forms and Workflows is supported via user save and Security Framework publishing mechanism. Document Management The Swordfish Platform offers embedded functionality, via the Policy Editor module, of a user friendly a Content Management and Document development toolkit used for the development, maintenance and management of ISF documents, along with a workflow module used also for the design, development and real time enforcement of procedures. The integrated graphical user interface of the content / document Management module is simple and self-explanatory in order to be used by simple, non IT specialized or power users to. Quality Assurance For quality assurance purposes, Swordfish allows for multiple documentation sets to co-exist in the platform. This allows for the official documentation set to be deployed in the entire organization while documentation or artifacts which are still under development, evaluation, or approval can be accessible for testing, quality assurance activities and User Acceptance only in select authorized User groups. More specifically, the entire ISF documentation or simply new workflows can be evaluated and set up in a different virtual environment than the official production ISF. Upon development and assignment of involved SWORDFISH: Governance - page 3/6

roles of a workflow, clients can either put set the newly developed or modified procedure on hold for further improvement & testing or activate it. In the first option the procedure remains inactive and is not visible to users. In the latter option, the procedure is published (issued) and can be initiated by users. Users also have the option for graphical representation of dynamic workflows (in which they are involved) with actions description and the Responsible Role involved in the procedure steps. Import of existing policy documents written in Microsoft Word Swordfish can import existing policy documents written in Microsoft Word. The imported document is automatically parsed based on headings and the relevant chapters are created inside Swordfish. Creation and enforcement of policy standardization and normalization Using multiple policy templates, included in the Standard Content Library, users can duplicate an existing template in order to start a new policy document. Manage policy exception lifecycle, include request, review, approval, and re-approval A standard deviation procedure exists as part of the standard content. The embedded workflow engine can fully address the specifics using the workflow builder. Enforcement of periodic review and approval of policies using workflow Periodic policies reviews and approvals procedures exist as part of the standard content. Frequency and content can be completely tailored to the organizations structure and requirements. Map policies documents and sections to procedures, workflows, standards and regulations to measure policy compliance To facilitate compliance with controls and internal or external policies and regulation, cross-referencing and indexing can be performed between all artifacts on a chapter, section and paragraph level. Cross-referencing can also be performed with other internal or external documents such as International Standards (ISO 27001, NIST, PCI) and legal and regulatory mandates in order to demonstrate compliance Manage policy training and awareness campaigns across the enterprise Through the CISO portal training content can be delivered to targeted audience. Target policy distribution and attestation. Users management provides all the necessary functionality to address the policy distribution based on attributes from enterprise directories (Active Directory). SWORDFISH: Governance - page 4/6

Rapid and Centralized Deployment of Content throughout the organization through the CISO portal (The Hub) One of the key functions of the Swordfish Platform is the rapid and centralized deployment of the ISF to the entire organization based on each employee, Business Role and Information Security Role. This is achieved by the CISO Portal module, which is the application homepage for all end-users. The CISO portal, as its name suggests, is designed to be the single reference point and information repository of the Information Security Department serving as the interface of the Security Office with the entire organization. In this regard each end-user depending on their Business and Information Security Role and the respective access privileges has access to a personalized view of: Information Security Office News and announcements The Corporate Information Security Framework, including Policies, Standards, Processes, Guidelines and ISF artifacts such as Forms & Questionnaires. The Processes (workflows) which, based on their role, they can initiate The Processes in which their role participates Any personal pending tasks (i.e. granting an approval in a process already initiated) via user-specific tasks lists and calendar like views Critical Milestones and Deadlines in processes or tasks assigned. Any ISF artifact, component or document added or modified in the ISF, following the approval process is immediately and automatically available to authorized users for view or download via the CISO portal. End-Users can be notified for changes via the Swordfish Plat form notification system, via the CISO portal News and/or via e-mail. The CISO Portal can have a customizable look-and-feel to fit the requirements of each organization. Workflow Builder The procedures development process is structured upon a simple and solid 5-step concept allowing users with no extensive technical skills and knowledge to design workflows via a step by step approach within a user friendly interface (the workflow builder) utilizing self-guided features such as readily available drop down menus, tick boxes and pre-configured action lists. Each workflow can be tested before deployed to production, in order for the workflow designer to verify correct execution according to the business requirements. Asset management Using the SWORDFISH Universe functionality, all security related corporate assets can be centrally mapped in terms of location, owners, criticality and more. This allows effortless asset decomposition and supports the assessment of asset related risks. Additionally, assets can be related to each security control in the organization s ISF to facilitate a more detailed reporting. SWORDFISH: Governance - page 5/6

Dynamic Workflow Engine An embedded, sophisticated and powerful workflow engine can enforce security policies through automated and streamlined procedures that can be developed using the workflow builder embedded functionality. All necessary procedure information regarding ownership rights, editing rights, involved procedure roles and related artifacts can also be entered in relevant Tabs effortlessly by users. The Workflow engine also offers the possibility of developing complex Workflows with inner loops and Sub-Processes. Workflow forking is also supported, in order to escalate the appropriate tasks to asset owners with dynamic allocation of resources based on user s input during the execution of the flow. 2. Content ISO27001 and PCI DSS Content for 27001 and PCI DSS is included as part of the standard library. Workflows More than 150 Security Procedures and Workflows included in the standard library. Flexible importing/ exporting of Workflows supported for testing/backup. Questionnaires Questionnaires for Assessments against ISO and PCI-DSS are included as part of the SWORDFISH Library as well as standard compliance and vendor assessment material. Security Standards More than 50 Security Standards for controls Obrela Security Industries provides security analytics and risk management services to identify, analyse, predict and prevent highly sophisticated security threats in real time. Tel: +44 (0) 203 397 8723 / info@obrela.com 24th Floor, One Canada Square, Canary Wharf, E14 5AB, London, United Kingdom obrela.com SWORDFISH: Governance - page 6/6

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback