Ideal Security Operation Center

We provides consulting, legal support, compliance (ISO 27001, PCI-DSS, ISO 22301, GDPR, SOX, HIPAA) and internal policies (auditing and consulting to implement internet policies) services.

See-Secure compliance service provides consultancy and guidance through the process.

The general approach of this project will involve several key activities, to be carried out by a team of security and privacy specialists:

Phase 1 : Identification

Private-Data Mapping

Main objectives:

  • Identify, document and confirm all business processes and IT assets.
  • Identify and document all Private Data instances in all sources and locations in the environments associated to the business processes and IT assets.
  • Document all entities involved for each process (e.g. process owner, business owners, department)
  • Map interfaces to other processes in business.

Deliverable:

  • Personal Data Process and Asset chart.

Produce a Private-Data Asset and Process Inventory

Main objective:

  • Create a formal register of Private-Data, for each underlying IT system and overlaying process.

Deliverable:

  • Organizational Processes and Assets inventory, inclusive of the data mapping elements: Physical/Logical Location of each data instance, Data Owner, Data Flow- Input and Output routes, Access Control, Replication and more.

Phase 2 : Compliance Assessment and Implementation

Compliance

Analysis Objectives:

  • Based on the Data Mapping, evaluate existing and missing regulation controls and compliance objectives
  • Determine overall posture against regulation

Deliverable:

Regulation Compliance report, including the following elements:

  • Executive Summary
  • Existing/missing compliance regulation processes and controls
  • A quantitative figure attained offering the posture

Remediation and Recommendations

  • Provide an account by which the compliance can be achieved
  • Mitigation factors required to facilitate compliance with the Compliance

Work-Plan Assessment

Objective:

  • Continuously track and monitor compliance process activities
  • Perform a periodic compliance progress assessment
  • A quantitative figure attained offering the posture

Deliverable:

  • Updated Compliance report