Kazan, Russia -- (ReleaseWire) -- 09/27/2019 --Information security incidents can be very damaging to business. According to 60% of directors and heads of financial departments and organizations, cyber security is one of the most serious risks (ACCA study), and the responsibility for ensuring cyber security often falls on IT specialists alone.
In order to establish unified requirements for information security management of commercial projects and define standard IS measures aimed at ensuring compliance with the requirements and reducing IS risks in service projects, ICL Services created a special Information Security Management Standard. The standard was created on the basis of ISO 27001, the recognized international standard for IS management.
The users of the standard are the Company's employees in executive positions within the framework of service projects. The IS management standard consists of a risk-based approach. This involves conducting an analysis of IS risks and customer requirements for each project, after which measures to ensure IS are implemented. The way in which the same IS measures are implemented may vary from project to project.
In order to assess the level of maturity of the IS management process of a particular project, as well as to further improve the IS management processes within the project, ICL Services has developed a 4-level maturity model:
- Level 4 is the highest. This level is not always needed.
- Level 3 is the target level. The objective of Level 3 projects is to support it.
- Level 2 is the minimum allowable level. The objective of Level 2 projects is to reach Level 3.
- Level 1 is the lowest. This level is considered a risk for IS. The objective of Level 1 maturity projects is to achieve at least Level 2 maturity.
The level of maturity is assigned based on the results of the IS internal audit of the project and is recorded in the audit report. The parameters by which the maturity level is estimated include compliance with customer requirements in the field of IS, IS risk management within the project, communication, team awareness, access control and others.
The information security management standard was developed in 2015. During 4 years of work, it was implemented in many of the company's Russian and international projects. As noted by project managers, thanks to the implementation of the IS management standard, these projects have significantly reduced IS risks, and as a result, the number of incidents and escalations has decreased, and customer satisfaction has increased.
About ICL Services
ICL Services operates in the international market since 2006 and is the largest IT company in ICL Group.
To date ICL Services has about 1,400 employees working successfully with over 80 major clients from 30 countries providing IT maintenance services 24 hours 7 days a week in English, Russian, French and German.