IA - Information Assurance Services
What is Information Assurance?
Information Assurance is: Information operations
that protect and defend information and information
systems by ensuring their availability, integrity,
authentication, confidentiality, and non-repudiation.
This includes providing for restoration of information
systems by incorporating protection, detection, and
reaction capabilities. The protection of
systems and information in storage, processing, or transit
from unauthorized access or modification; denial of
service to unauthorized users; or the provision of service
to authorized users. It also includes those measures
necessary to detect, document, and counter such threats.
This regulation designates IA as the security discipline
that encompasses COMSEC, INFOSEC, and control of
compromising emanations. Information security
deals with several different "trust" aspects of
information. Another common term is information assurance.
Information security is not confined to computer systems,
nor to information in an electronic or machine-readable
form. It applies to all aspects of safeguarding or
protecting information or data, in whatever form.
IT Governance &
Compliance processes and procedures that help you gain
control over your information processes and help you
reduce your risk.
Information Assurance Services
CISO/ISSO/ISSM Support - Ashtel Global Information Systems, LLC can provide assistance in developing, maintaining, or
enhancing the information security programs, policies, and
procedures you currently have in place. We will work closely
with your information security officers to ensure that what
is developed is comprehensive and meets the specific needs
of your organization.
ISO 17799
- Our Information Security experts will help you attain ISO
17799 compliance and certification. By aligning your
organization to the ISO 17799 standard, the way you address
security can be radically changed.
ISO 17799
Initially
developed from BS7799-1, ISO 17799 is an international standard that sets out
the requirements of good practice for Information Security Management.
ISO 27001
ISO 27001 defines the specification for an Information Security Management
System (ISMS). It was developed from BS 7799 Part 2:2002.
The scope of any
ISMS includes people, processes, IT systems and policies. This web site
gives an overview of the stages involved and includes the changes made in
ISO 27701 (based on the revised BS 7799 Part 2, issued in September 2002).
BS7799
The latest version of BS7799 is
BS7799-3, Guidelines for Information Security Risk Management. It supports
ISO 27001 and covers the main aspects of risk assessment.
Regardless of whether your goal is to conduct business in
the international arena where many organizations will only
do business with other organizations who are ISO 17799
certified, or whether you just want to adhere to recognized
'best practices' that will help protect your technology
systems, people and processes, Ashtel Global Information Systems, LLC professionals can help you achieve your
goals.
GLBA (Gramm Leach
Bliley Act) - Ashtel Global Information Systems, LLC
specializes in helping our clients adequately secure
customer information for two reasons - because it makes
sense, and because it is the law. Our GLBA professionals
will assess the compliance of your technology systems,
policies, and processes to identify areas of vulnerability,
put in place remedies for those vulnerabilities, and will
assist in developing the security roadmap that will support
future compliance and add additional value to your overall
corporate security strategy.
SOX (Sarbanes Oxley
Act) - Due to the complexity of compliance
regulations, small & medium businesses continue to struggle
in attaining and maintaining SOX compliance. And, more and
more frequently, because SOX requirements are increasingly
regarded as 'best practices', organizations that adopt them
are also viewed as more desirable business partners.
HIPAA (Health
Insurance Portability & Accountability Act) -
Ashtel Global Information Systems, LLC provides
professionals who can assist you in attaining and
maintaining HIPAA security compliance. Our HIPAA consultants
will conduct a security compliance assessment and risk
analysis for organizations who want to assess their current
compliance level or who want assistance to build a 'roadmap'
that will lead to full compliance.
Take the burden and risk of omissions out of HIPAA
compliance by partnering with Ashtel Global Information Systems, LLC!
Our HIPAA professionals can assist you in identifying,
reengineering, maintaining, updating, and self-auditing the
processes and safeguards you need in place to help ensure
your organization is continuously adhering to required
security procedures, thus keeping you in compliance.
SAS 70
- Frequently organizations that offer their services to
industries that are highly regulated such as healthcare,
banking or insurance, are required by their clients to
provide assurances that they also adhere to strict control
procedures.
Undergoing a SAS 70 audit, an audit that examines the
strengths and weaknesses of your internal corporate
controls, can distinguish your company from your competitors
and can be a crucial factor in obtaining new business. Being
SAS 70 certified signifies to others the soundness of your
organization's policies, processes and procedures.
The professional assistance that can be provided by
Ashtel Global Information Systems, LLC consulting team
will help you deal with the challenges you face and will
have a significant impact on the success of your business.
FISMA (Federal
Information Security Management Act) Program Support
- Ashtel Global Information Systems, LLC FISMA
compliance solutions and consultants enable you to evaluate,
manage, and improve your compliance efforts. We will work
with you to implement and maintain initiatives that will
bring your agency in line with government information
assurance regulations that require certification and
accreditation.
Ashtel Global Information Systems, LLC FISMA experts
will work with your IT department to identify threats,
assess security controls, perform a risk and technology
assessment, and develop a thorough plan of action to
remediate your processes and infrastructure in order to
attain and maintain compliance. If you are preparing for a
FISMA review, or if you have to address deficiencies
previously identified in a FISMA report, we can help you
achieve the success you desire.