Governance, Risk & Compliance
SAFEDENY helped and continues to helps its customers to achieve compliance with the requirements of various international standards, in a cost-effective and sustainable manner. SAFEDENY’s approach, which is based on customer empowerment and continuous support before and after certification, ensures tangible improvement in organizational cyber security, as well as continuous compliance to the standard’s requirements.
PCI-DSS Services
Payment Card Industry Data Security Standard, commonly known as PCI-DSS, is a security standard to protect cardholder data from various threats including theft, disclosure and manipulation. Compliance with PCI-DSS is a requirement for any type of with debit and credit cards, mandated by industry’s biggest players Visa, Master Card, America Express, Discover and JCB. The latest version of the standard – PCI-DSS 3.2- defines twelve high-level requirements and a large number of sub-requirements to achieve six control objectives (also defined in the standard). Adhering to these requirements significantly improves security and enables organizations to obtain a certificate of compliance.
ISO 27001 Services
ISO 27001:2013 is growing in popularity and is regarded by many as the leading information and cyber security standard. The standard is designed to fit organizations in all sectors and of different sizes. It requires organizations to establish and maintain a system to manage information security, in the organization. This management system is built around a risk management process and involves creating and putting into practice security policies, procedures and good practices. It also requires organizations to identify, implement and improve the performance of technical, managerial and operational controls to protect information from internal and external threats.
ISO 22301 Services
Disruption of business operation and service provision costs organizations money. Serious disruptive events such as natural disasters, virus outbreaks and failures of critical infrastructure may have catastrophic, long-lasting impacts. Hence, organizations, whether commercial, governmental or non-profit, need to prepare for such events by creating and testing business continuity and disaster recovery plans. ISO 22301:2012 is an international standard that defines a business continuity framework that involves planning, developing, testing, maintaining and – whenever necessary – putting to practice business continuity and disaster recovery plans. Business continuity management reduces the impacts of disastrous events and, consequently, helps the organization to continue operating critical functions and providing critical services during and after a disastrous event.