Recommended: Click here to run a Free driver update scan »
Global firms in diverse industries and government agencies face the mountingpressures of compliance requirements and industry standards, designed to protectthem, their clients and the public against the almost infinite variety of threats toinformation assets, financial risks and identity theft. Many organizations arerequired to simultaneously comply with multiple laws, standards and practices whileregularly repeating audit procedures.
Most organizations find this process extremely resource-intensive, expensive and inmany cases, ineffective. Many fail their audits while others see inconsistentservice levels from companies hired for their expertise in conducting informationrisk audits. InformaticaÂ's president, Claudiu Popa is one security and privacyexpert who believes that the situation is not sustainable and further pressure willmake organizations less likely, rather than more likely to become compliant. He said we are seeing both auditors and their clients skipping steps, failing to addresscritical risks and creating dangerous situations where a false sense of securityleaves the organization open to attack and customers vulnerable to privacy andidentity theft. This is absolutely unacceptable and we worked hard to ensure thatour proprietary security assessment methodology addresses the situation.Â
Not all security assessments are created equal
InformaticaÂ's Verify methodology is designed to be applied to a vast number ofsituations, from global enterprises struggling to contain the costs ofSarbanes-Oxley audits to small retailers that need to comply with the evolving VISAPCI standard. Organizations around the world can register for an informationsecurity or privacy review (FlexSecure Verify Gold), a standards compliance audit(FlexSecure Verify Platinum) or a comprehensive threat and risk assessment(FlexSecure Verify Titanium). Each solution is based on a recurring model withrecommended intervals of 3 to 12 months between assessments, although one-timeassessments continue to be a popular choice for many organizations:  We find thatcompanies come back every 6 to 12 months to conduct risk assessments, but theyoccasionally change the focus of the project from analyzing the risk of internalapplications to gauging the physical security of their data centres. Our certifiedsecurity experts are able to accommodate almost any situation, but we recommendadequate planning before any such undertaking to maximize effectiveness .
Informatica Research experts estimate that between 20% and 50% of all informationsecurity assessments conducted in the industry today are ineffective due to improperplanning, inadequate resources or unqualified auditors. The company works withmanagement and internal audit or IT staff to properly plan and communicate theessential aspects of each project before it takes place. For organizations that dohave qualified in-house personnel, Informatica Security offers a version ofFlexSecure Verify that can be completed jointly with its security experts, leadingto significant savings in both cost and time.
World-class information security assessments and compliance audits
The FlexSecure Verify family of recurring audits and assessments is the only serviceline based on 15 years of diverse best practices and industry standards-basedbusiness assessments, product testing and policy audits. As InformaticaÂ's flagshipservice, Verify helps dozens of organizations protect themselves and their clientbase each year, with a methodology designed to uphold industry standards such asISO17799, SysTrust, PIPEDA, Sarbanes-Oxley, GLBA, FISMA, HIPA, PHIPA and any otherrisk-based compliance requirement. Verify engagements are complemented by detailedreports and presentations on the security posture of products, networks, systems,Web sites and/or applications.
FlexSecure Verify is the combined work of certified Informatica professionals andbest-of-breed technology. Different types of Verify engagements address the businessrisk requirements of todayÂ's organizations: internal security audits, externalvulnerability assessments and process reviews, which include policy and proceduresanalysis, data retention and business continuity planning. For more detailedinformation on FlexSecure Verify including recurring assessments visit www.SecurityAssessments.ca.
About Informatica Corporation and InformationSecurityCanada.com
Toronto-based Informatica Corporation is a renowned information risk consultingleader. Over the past 18 years, Informatica has provided consulting, analysis,implementation and training solutions to SME and enterprise clients in diversesectors and world regions. Informatica clients include financial organizations,government, non-profit organizations, services, manufacturing and healthorganizations.
The Informatica group of companies offers diversified security solutions includingpublished research, emerging threat analysis, corporate risk strategy, securityproject management, corporate training and security awareness certification for allcorporate employees. Informatica also offers best-of-breed commercial products, Onthe web: www.InformationSecurityCanada. com and www.InformaticaEducation.com. Visitalso www.InformaticaResearch.com and www.InformaticaSolutions.com.
For media enquiries and information risk management solutions:
Claudiu Popa, CISSP, PMP, CISAPresident & CSO, Informatica Corporation416-431-9012 Info@InformaticaSecurity.com
CO: Informatica Corporation Information Security/Risk ManagementST: OntarioIN: HTS SU:
