Compliance

Compliance is the term used in many industrial and financial sectors for the act of complying with requirements of various kinds:

  • regulations and international standards
  • national laws
  • industrial regulations
  • best practices
  • rules and codes of conduct
  • simple instructions

Meeting compliance requirements means:

  • ensuring the "good conduct" of the business, mitigating the risk of penalties, losses and reputational damage;
  • improving the organization and enhancing management control tools;
  • helping to create a common corporate culture of compliance, inside and outside, mandatory and voluntary.

Today one of the major sources of "compliance risk" is the proliferation of legislation, standards and industry regulations, in both the industrial and the financial sectors. Managing these problems requires the design and development of Organizational Control Systems.

Our consultancy services for compliance are complementary and synergistic with those for security. They offer a complete answer to the needs of our clients through a "systemic" or "service" design approach, and they are based on a combination of different skills.

In order to create a more efficient business organization for our customers and ensure regulatory compliance, Intesi Group has developed a wide range of consulting services geared to the main sectors: industry, finance, public administration.

ICT Security

Business information is subject to risks that are hard to cover. Covering all organizational, technological and regulatory aspects requires experience and professional knowledge.

Our consultancy services for information security refer to Italian laws, regulations and international standards as they apply to the specific situation of the customer.

To implement an ISMS (Information Security Management System) in accordance with ISO 27000, Italian laws and industry regulations, the following activities are needed:

  • Identification of the processes and of the information assets (data, hardware and software) used
  • Classification of information according to the importance given by the company
  • Risk analysis and identification of the security measures to be taken
  • Review of processes to optimize operations in order to achieve information security
  • Identification and selection of countermeasures and controls for risk reduction
  • Development and implementation of security measures, adoption of instruments, standards and organizational security procedures
  • Management of ISMS in accordance with laws, regulations and standards.

Subject: ICT Security

Areas of intervention and activities:

  • Security Governance: Project of Information Security Management System (all life cycle activities: ASSESSMENT, PLAN, DESIGN, IMPLEMENT, RUN) in accordance with ISO 27000 and best practices
  • Consultancy services in IT security area: Audit, assessment, planning, compliance, education …
  • Business Continuity and Disaster Recovery: Project and management of Business Continuity and Disaster Recovery Plan

Subject: Legislation Compliance

Areas of intervention, in accordance with Italian legislation, industry regulations, international standards and best practices:

  • Quality ISO 9001
  • Safety (D.L. 81/2008)
  • Privacy D.L. 196/2003
  • Market Abuse L. 28/12/05 n. 262
  • Corporate Social Responsibility
  • D.L. 231/2001
  • Money laundering
  • Sarbanes Oxley
  • Basel II
  • Solvency II
  • PCI Data Security Standard
  • …

Activities: Consultancy services in Compliance area

  1. Audit, assessment, planning, education
  2. Quality management
  3. Safety Management
  4. Privacy management
  5. Market Abuse
  6. Money laundering
  7. Corporate Social Responsibility
  8. Certification for Quality, Security, Environment…