The latest regulations (Sabanes-Oxley Act, financial security law, Bâle, AMF (stock market regulators), CRBF 97-02, EUROSOX) underline more than ever before the need for companies to formalise and improve their system performance controls.
SIFARIS changes your regulatory constraints into added value for your organisation. The proactive management of an IS enables companies and management get an overall view of the IS while conforming to the regulation imposed on them. SIFARIS can help you work towards and obtain ISO 27001 certification, which proves that an efficient protection of information system management has been put in place.
The Information security management system, ISMS – aims at a constantly improved level of protection where risks exist. The steps needed to reach certification ensure that safety measures are developed according to the PDCA model: Plan, Do, Check, Act.
This standard is a guarantees for clients, shareholders and partners that management of the IS as well as safety of information measures have been taken into account. The increased need for protection required of company management by shareholders and regulators have led them to ensure a permanent level of control of their Information System. It is most important that companies commit to on-going improvement (PDCA) where safety and risk management are concerned.
SIFARIS has developed a solution which will improve the way you work. SIFARIS offers its clients a high level of management of the IT using AUDITIA which includes an application that manages, controls, directs and monitors performance risks. AUDITIA has the following functions, among others:
- Formalize both internal and external audits
- Creation and follow-up of action plans
- Instant visualisation of information provided by the IS to management
- Automatic generation of audit reports
- Generation of reports concerning work carried out as a results of audits
- Information Technology Management status
- Information Technology Safety Policies and Procedures
- Externalisation of the Information Technology Management function
- Installation of the SMSI
- Installation of ISO 27000 standards
- ERSI-CAP, 27005, EBIOS risk analysis
- Internal IT control tools
- Internal ISMS control tools
- ISMS, return to normal operations, data safety and related programs, personnel management, operational audit
- Integrated Management System (SMI)
- Management System of Information Safety (SMSI)
- Quality Management System (SMQ)
- Permanent Internal Control Tool (PICT)
- Permanent Audit Tool
- Risk Analysis Tool
- Strategic Operating Tool
- Assistance for putting certifications in place
- Deployment of the internal control application
- Risk Analysis
- Permanent Audit
- Supervision of action plans
- Reporting tools