|
Complementary RACF Audit & Compliance Mini-Assessment - 4 April 2011
Maintaining tight
control over the security audit and compliance process is a critical
imperative for today’s enterprises. To comply, enterprises must
show that they have implemented procedures to prevent unauthorized
users from accessing corporate and personal data. Even if
enterprises have the means to efficiently conduct audits, they often
lack the tools necessary to prevent policy and compliance violations
from reoccurring. As a result, security vulnerabilities remain a
constant threat, exposing companies to potential sanctions and erode
the confidence of investors and customers.
As a result, the process
of meeting compliance standards such as those found in the Combined
Code issued by the London Stock Exchange (LSE) and the Turnbull
Guidance (the Sarbanes-Oxley equivalent for publicly traded
companies in the UK), the Data Protection Act 1998 (and, for the
public sector, the Freedom of Information Act 2000), the regulations
promulgated by the Financial Services Authority (FSA) (the FSA has
oversight over the various entities that make up the financial
services industry), standards set by Basel II, the Privacy and
Electronic Communications Regulations of 2003, and various UK
criminal and civil laws, represents one of IT’s most critical
investments.
As a consequence,
managing security in the Mainframe environment is becoming an
increasingly difficult task as the list of challenges grows longer
every day. Even the most experienced Security Administrators can
labour under the workload as security systems increase in size and
networks grow in density.
From a dispassionate
viewpoint, sometimes it's a good idea to review IT policies and how
they're performing, identifying areas of improvement. Similarly
periodic checkpoints from experienced 3rd party personnel
such as Vanguard can assist organizations improve their processes.
For the subject matter of Mainframe Security, this is particularly
pertinent, as audits are Business As Usual (BAU) activities, both
internal and external. Thus highlighting and remedying issues
before such audits, especially external audits can only be a good
thing. Quite simply, no one of us is as good as all of us, so
leveraging from several pairs of very experienced and independent
eyes can only be a good thing.
For more information about the
free Vanguard RACF Mini-Assessment Service, please click
here.
The complementary
Vanguard Mini-Assessment delivers a consultancy report identifying:
|
■ |
The security
risks that were identified by the Mini-Assessment process |
|
■ |
The
description and severity classification of each security
risk identified |
|
■ |
An initial high-level
introduction of how to eradicate the identified security
risk & the estimated effort required to complete the
remediation |
Learn more at our
Vanguard Security Solutions Portal
or download a
z/OS Security Gartner
WebEx
or download the
Vanguard Mainframe Security Checklist
that matches the very comprehensive
DoD DISA STIGs.
For more information regarding the Vanguard Mini-Assessment for
RACF, please feel free to
Contact Us
for a no obligation discussion regarding your requirements.
Thank you.
back to top
When IT security & compliance are performed properly, the IT
department can provide your enterprise with a potential
competitive market place advantage, plus a great ROI. |
|
