Contact Us   |   Site Map  

Governance — act of governing, the set of rules and frameworks by which an organization operates.

Corporate Governance compliance is an area starting to be represented in the upper levels of an organization in order to meet regulatory demands for enterprise-wide information security.

A common challenge faced by companies is the ability to understand the ever-changing and complex regulatory and legislative requirements, and its impact on the corporate business model and environment. The following examples of legislations, frameworks and standards, mandate corporations to establish corporate security governance:

                      COBIT, ITIL
                      ISO27001, ISO27002 (ISO17799), ISO27005
                      Payment Card Industry (PCI - DSS)
                      Sarbanes-Oxley (SOX), Bill198
                      Canadian Securities Administrators' (CSA) MI 52-109
                      PIPEDA, pHIPA, HIPAA
                      NERC Critical Infrastructure Protection (CIP)

With extensive experience in the aforementioned, RSS Inc. offers an Enterprise Security Program (ESP) Service that caters to client needs, of all industries and sizes. Our seasoned professionals have played major roles in establishing and implementing ESPs in various public and private sector organizations. Our security solution will institute:

                                        Enterprise Security Governance Framework
                                        Enterprise Security Committee
                                        Corporate Information Security Department
                                        Information Security Processes
                                        Information Security Risk Management
                                        Information Security Architecture
                                        Information Security Governance Intellectual capital
                                        Enterprise Security Key Performance Indicators (KPI)
                                        Enterprise Security Critical Success Factors (CSF)
                                        Enterprise Security Scorecard
                                        Enterprise Security Dashboard Measurement
                                        Enterprise Security Education Program

RSS Inc. team will develop security controls within an organization to provide pragmatic assurances that corporate business objectives are achieved and undesired risks avoided. Our service encompasses both security and privacy risks. Our team will work with the various departments, senior management and teams in order to align them for success towards creating enterprise wide security solutions. This close integration with business leaders and stakeholders allows RSS Inc. to understand the business vision, goals, processes, and support what is important and vital to the organization’s success. RSS Inc. team will ensure the successful completion and the delivery of a robust Enterprise Security Program.

As a part of the final phase of the engagement, RSS Inc. will assist clients in addressing the biggest challenge - the staffing of the corporate security department with competent and reliable resources. RSS Inc. can provide short-term help by providing its resources to populate client's Corporate Information Security Department while assisting in the interviewing and hiring process to ensure that the right candidates have been chosen for the position.

RSS Inc. team will work in tandem with the client assigned team throughout the entire engagement thus ensuring the knowledge sharing.

Solution Benefits
There are times when companies do not have the resources or internal knowledge to build a robust, enterprise security governance practice. By engaging RSS Inc. for short-term outsourcing assistance, it will enable companies to utilize seasoned professionals who have played a major role in developing ESPs in various public and private sector organizations. By bringing the external experience to the table, our clients will be in the position to shorten the information security governance maturing phase.

To ensure that the strategic solution objectives are a long-term success, RSS Inc. will help clients build a full-time team with world-class skills to support and enable its business drivers. We will work with stakeholders to capitalize upon business opportunities to enable them to execute their business strategy securely.

Successful ESP will change the perception of information security from being viewed as a ‘showstopper’ to a ‘secure business enabler’ and will align it with the overall enterprise strategy.

Overall, the ESP will help in corporate risk mitigation by minimizing the potential disruptions of business activities and deliver value by ensuring that the promised benefits match up against the strategy. RSS Inc. team will provide mid and long-term plans containing milestones for implementing information security controls.