Designing the right processes, organization, and templates during the initial setup of an Information Security Management System (ISMS) are challenges organizations face. Rolling out ISMS in a big organization requires automating frequent manual steps, usability, easy reporting or access permissions to sensitive information.
The NTT ISMS Control Assessment App-Pack helps organizations roll out and operate ISMS by assessing multiple assets throughout the organization, such as applications, locations or business units. This contains a classification and a control assessment step. It augments existing RSA Archer use cases to support an assessment approach as described in the ISO 2700x standards or NIST special publications.
The offering is designed to provide a multi-language user interface for end-users. This includes both layout aspects (e.g. dashboards, field names or values in values lists, sections, and tabs) and content (control names and control statements).
The NTT ISMS Control Assessment App-Pack provides organizations a way to:
- Evaluate the maximum impact resulting from a breach of a security objective (confidentiality, integrity, availability) based on a questionnaire or by inheriting from one or multiple assets
- Assess compliance with relevant controls (filtered by asset category, classification and zone)
- Define and track remediation plans
Assess assets with a streamlined process as part of the organization’s ISMS
Gain insight into compliance violations of internal or external policies
Improve overall compliance and security