Governance-Governance, Risk and Compliance Simplified

CC_-_50_-_SOC_&_SIM_solutions

A Security Information and Event Management (SIEM) system is used to centralise all alerts and tasks on the various systems, allowing for the identification of inappropriate activities associated with the various systems and software utilised and for the management of "events".

The complexity of the implementation is dependent on a number of factors which need to be clarified, and the capability understood, before it is implemented as part of a SIEM system.

The implementation of a SIEM requires appropriate oversight and planning to ensure that the system deployed is optimal and meets the needs and requirements of the owners.

In addition to this, the Security Operations Centre (SOC) is used to respond to the events recorded by the SIEM and associated infrastructure, and the two have a symbiotic relationship.

Value Statement:
The appropriate implementation of a SOC and SIEM offers the client the opportunity to effectively respond to events which could affect the confidentiality, availability and integrity of the data and systems deployed in the environment.

The following risks exist for companies that do not implement a SOC and SIEM solution:
  • The security department may not be aware of an attack, resulting in the inability to respond and in the inappropriate access, change and deletion of the information retained in the system.
  • The response from the Information Security Department may:
    • The event may not be detected, resulting in no response from the security team to address the threat.
    • Be inappropriate, as the underlying cause of the event may not be understood.
    • The response may be delayed, as the roles and responsibilities with regard to the event have not been clarified.
    • The losses suffered may not be contained in time, resulting in the repudiation of insurance claims.
    • The interruption of the business operation, as the operation as a whole could be brought to a standstill.


Value Proposition:

Cristal Consulting can fulfil a number of roles during the design, development and implementation of either a SOC or SIEM solution. This can be achieved through:
  • Assist in the drafting of the specifications or requirements of the SOC or SIEM for a Request for Proposal or Request for Information to identify the correct solution for the deployment of the system.
  • Assist in the review of the Request for Proposal or Request for Information to:
    • Make sure that the correct requirements, technology, functionality and security is included in the solution to be deployed.
    • Compare the solution offered to the current systems, software and databases deployed to determine the suitability and compatibility of the various systems.
    • To ensure and validate that the appropriate SOA, ESB and API security and configuration is included to ensure the appropriate confidentiality, availability and integrity of the data moved into the SOC and SIEM solutions.
  • Assist in the design of the system by:
    • Evaluation of the suggested data flows and data sources to be included in the SOC and SIEM reporting system.
    • Assess the configured data transfer and formatting to ensure the optimisation of the process to decrease the time lag between the start of the event and the first response.
    • The identification of links and dependencies between data sets.
    • The definition of inappropriate transaction groups taking place between systems which may be indicative of an event.
    • Assist in defining the thresholds and tolerances to ensure that the investigations performed are aligned with the risk appetite of the directors of the business.
  • Assist in the implementation and operational go live process:
    • By drafting the policies and procedures to be complied with as part of the design and deployment of the system.
    • Drafting the policies and procedures for the day-to-day operation of the environment.
    • Drafting of the escalation processes and response plans for the various events.
    • The documentation of the roles and responsibilities of the various parties involved in the process.
    • Defining the change management process to be used for the initiation, design, development and implementation of changes to the SOC and SIEM.
    • Assist in the project management of the activities to ensure that the resources are appropriately utilised and that the timelines for delivery are complied with.
    • Compliance and User Acceptance testing to determine whether the process followed was adequate and that the operational risks were appropriately mitigated.
    • Perform a post-implementation review as part of the user acceptance testing to ensure that the system meets the requirements before the final acceptance payment is made.
    • Assist in the drafting of the Service Level Agreement and the Operational Level Agreement between the company and the third parties responsible for the deployment of the solution.

Should you be interested in understanding how we can help you, you can register your request on the "How can we assist you" page on the web site. Alternatively, you can contact one of the Subject Matter Experts to understand the solution on offer.