Governance, Risk & Compliance Management Services
Executive Overview
- Global security policy enforcement, compliance reporting and visibility
- Increased productivity through faster incident resolution
- The ability to continue key business activities in a crisis
- Enterprise view of the security status
- Reduced risk deployments
Governance, Risk & Compliance Management is the starting point for minimizing risk and safeguarding people, assets and intellectual capital by implementing compliant enterprise security policies, standards and systems. It provides a unique, distilled view of the enterprise's security status through the EDS Security Dashboard, and the ability to identify, respond to and resolve key security events among the billions generated daily. Our Business Continuity Services and Audit Support Services allow our Governance, Risk & Compliance Offering to establish a secure framework for conducting compliant day-to-day business, now and into the future.
Available Features
EDS offers the following services for Governance, Risk & Compliance Management:
Business Continuity Services includes a set of features to support an organization's ability to continue doing business in the event of a disaster or crisis, by offering an effective response. The business continuity plan interlocks with Disaster Recovery Plans for the full recovery of technical systems and processes. We have distinct features to assist the client:
- Policy Compliance Management (PCM) Services manages the automated process of gathering security configuration information from defined IP-connected devices. These scans are conducted and results reviewed on a regular basis. The results of the scans are stored in a centralized database.
- EDS’ Business Continuity Assessment determines critical business functions and their associated threats, completing a business impact analysis, threat assessment and gap analysis. On completion, a comprehensive report of the findings will be presented, detailing the results of the assessment.
- Business Continuity Strategy and Plans Service initially reviews the exposure analysis to validate the findings. We then work with you to develop a strategic approach to be embodied in a business continuity strategy document covering the business, process and resources. Once the strategy is agreed upon and in place, we develop detailed business recovery response plans and processes for crisis and incident management, business continuity, IT service continuity (Disaster Recovery) and business resumption into the targeted functions.
- Business Continuity Validation and Test will identify appropriate scenarios and produce an exercise calendar, schedule, planning guides and reports. We will ensure targeted training is delivered to key individuals, and oversee an initial exercise of each of the plans under test. Following the successful conclusion of the test, plans are updated and refined, and a maintenance review procedure is put in place.
- EDS’ Business Continuity Management and Reporting Services provides management and cyclic updates to ensure preparedness, should the worst ever happen, while awareness and training ensure positive behaviors and acceptance. After review and update, we will produce an exercise calendar, schedule, planning guides and reports, before performing a controlled business continuity test scenario. On completion we will create an updated maintenance schedule, and report in full.
- The EDS Enterprise Security Event Management (ESEM) Service is an information management solution that strengthens the client environment against attack through refined threat detection and response. By collecting security system logs into a single database globally, across all relevant technologies, then sorting, filtering, and reporting security events, it can better identify threats and allow informed responses to be initiated. The service options also include tools and processes that support compliance with certain industry and government security standards (e.g., the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley (SOX) Act, the Gramm-Leach-Bliley Act (GLBA), Senate Bill 1386 and Payment Card Industry (PCI) standards). The service is modular for flexible integration and can be implemented either in a leveraged environment combined with EDS’ global ESEM infrastructure, or as a non-leveraged, client-specific solution.