Introduction

In our consultations with customers of our security compliance management applications we have made the following observations:

  • Companies often have (given the growth of the security tasks) too little security expertise.
  • An increasing number of regulations require companies to prove, using structured documentation, that they are "in control" of the security of their ICT systems.
  • Regulators such as DNB require companies to provide reports that meet their standards and are irrefutable and consistent:
    • Many of the companies have already taken action, but the reports are completed in an ad-hoc fashion.
    • The reports are often made using home-spun software and may make demands on the knowledge and skills of the company's own staff.
    • The knowledge and skills needed to answer the questions of regulators are not structurally embedded in the organization.
  • Companies need temporary support from security experts to quickly and thoroughly define a security compliance framework, to test and implement the framework, and to interpret the ever-growing security and compliance requirements.

To answer these requirements, SRC Secure Solutions has implemented the Security Officer Service. This service will be provided by security managers, led by an experienced certified security manager who has at least 15 years' experience (including at several Dutch financial institutions) and is CISSP & ISSMP certified.

Security Officer Services

The service consists of the following Security Officer Services:

  • Consultancy in the implementation of a Risk Control Framework
  • CISO Backup & Support on Demand
  • CISO Coaching

We will agree on an offer for any of the services, or a mix of services, depending on the requirements.

Consultancy for the implementation of Risk Controls Framework

Our experts provide practical support and advice on IT security, compliance and certification issues. For example:

  • Standards: ISO 27001, COBIT, ITIL
  • Regulatory: WBP, SOX, JSOX, HIPAA
  • Supervisors: DNB, AFM, audit departments, annual audit reports
  • Government: VIR, VIR-BI, BIR
  • Healthcare: WGBO, NEN7510, NEN7511, NEN7512
  • Development: EU Data Protection Directive 95/46/EC, General Data Protection Regulation (GDPR)
  • Outsourcing: SAS 70, ISAE 3402

Our Senior Security Risk & Compliance Manager is an authority in this field and has developed an IT Risk Control Framework (RCF) for a large financial institution and successfully implemented it in 15 countries for 31 business lines. This has resulted in significant efficiency and cost reduction in IT compliance. We have developed our own "SMART© COBIT Compliance Methodology", which is used as a guide in our projects.

CISO Backup and Support on Demand

Our experts provide practical hands-on assistance and support to the Corporate Information Security Officer (CISO) and can help out in case of emergency or during busy periods.

This service provides a Flex Security Officer who will be integrated into your organization, working part-time, and who can be used as a backup or support for the CISO. Hours are flexible (0.1 to 1 FTE) and will be discussed.

Examples:

  • Reduce the "key-man exposure" risk for the CISO
  • Replacement during illness, vacations, etc.
  • Assistance with major incidents
  • Assistance with peaks in the CISO's workload due to projects, regulatory, audit or supervisory work, etc.

The service consists of four phases:

  1. Intake: Your requirements, scope and mandate provision.
  2. Introduction period: The Flex Security Officer is introduced to the company and will work intensively for a short period to orientate him/herself to the security environment.
  3. Standby and support: The Flex Security Officer is present on a weekly basis for standby and support.
  4. Backup & Support: The Flex Security Officer is on a call-out basis for additional consultation and to relieve the CISO of core duties.

Consultancy for CISO Coaching

Our Senior Security Risk & Compliance Managers will:

  • Function as a sparring partner and brainstorm with the CISO, etc.
  • Discuss strategic, tactical and operational issues with the CISO
  • Guide, train and mentor your junior CISOs, security officers and trainees

If you are interested in discussing our SOS services, please use the contact form or call us on +31 20 5036001.