Security Training Security Training Security Certification Security Certification Security Certification Security Certification Security Training Security Training GRC Training  
                   
 
Certification
Readiness Consulting
GRC Certification ISMS - ISO 27000 series
GRC Certification ITSMS - ITIL / ISO 20000
GRC Certification BCMS - BS 25999
IT Security Training
HISP GRC Certification
Integration
GRC Certification Controls Framework Development
GRC Certification Governance, Risk and Compliance (GRC)
IT Security Training
HISP GRC Certification
Assurance
Independent Assessment
GRC Certification Compliance/Readiness Assessment
GRC Certification Integrated Assessment
GRC Certification Maturity Assessment
GRC Certification Management System Maintenance
Audit
GRC Certification Data Security Audit
GRC Certification Shared Assessment Audit
GRC Certification Internal Audit
GRC Certification Mock Audit
IT Security Training
HISP GRC Certification
Case Studies
GRC Certification

IT Security Training
HISP GRC Certification
GRC Certification
Audit - Data Security Audit
GRC Certification

What is a Data Security Audit?

A data security audit starts with assessing what information you have, how it flows and identifying who has access to it and building a design flow to document it. Understanding how sensitive information moves into, through, and out of your business and who has (or could have) access to it is essential to assessing security risks.

Why do you need a Data Security Audit?

Your company is at risk from lawsuits that surround sensitive data including privacy, web site content and e-mail use. Electronic data held on your computers your responsibility and if it becomes lost, is mis-used or stolen it is the responsibility of your business. As outlined in the Federal Trade Commission's new handbook, Protecting Personal Information: A Guide for Business, a company should take stock of its data security. In other words perform an investigative audit of your information practices (People, Process and Technology). Federal regulations mandate that there are no information security leaks in the lifecycle of secure data; this includes its destruction and recycling. In December 2006 a federal law was passed that made destroying data equal to virtually shredding evidence if not done properly and according to formal procedures. There are a number of federal laws and regulations, including HIPAA, Sarbanes-Oxley, FACTA, GLBA, which govern the data lifecycle and require that establishments with high and low-profile data keep their data secure.

How can eFortresses assist?

eFortresses subject matter experts can:

Review the "Privacy" and "Information Security" requirements that affect your business
Review your current contracts, policies, and procedures and how they cover processes such as:
Customer Agreements
Privacy guidelines
Data Security guidelines
Vendor Agreements
Access control procedures and agreements
Web development

Our subject matter experts can also:

Review current legal and regulatory issues, including government mandates on privacy
Train your staff on applicable data breach security notification laws
Audit applicable technologies and build out process and data flows to be used as the process blueprint for facilitating improvements
Define and build out enforcement procedures and establish appropriate actions for further improvement.

Contact us for a free cost analysis today.

For more information, please contact us by filling out this form

Name *  
Title *  
Email *  
Telephone *  
Job Title *  
Company *  
Address *  
City *  
State/Province *  
Postal/Zip *  
Country *  

Security image:

Verification (Type what you see (case-sensitive)):
Comments *  
GRC Certification
 

GRC Certification
GRC Certification
IT Security Training
GRC Certification HISP GRC Certification
Bookmark and Share