Home | Information Security Management | Data Privacy Management | National and International Realisation | kronsoft.de

opus i 

National and international realisation and implementation of management systems regarding information security and data privacy ( 2 of 4 )

4.
In the first step the sales offices enter their data concerning their “assets”.
They enter buildings, rooms, networks, computer (server, desktops, notebooks), procedures that handle privacy data and at least the names of all third parties with access to these assets. The third parties can be IT consultants, network consultants, cleaners, document shredder companies a.s.o. For all these elements acting IT security threats and corresponding controls (safeguards) are available that reduce the incidence rate of these threats.
At this time it is enough if the names of these elements are entered.

5.
If all data is entered from the sales offices the IT security team in Hamburg transfers the data to the main opus i database (the “opusiSpor” database and the opus i database are physically seperated... so that it is impossible to claim: “You modified my data” a.s.o.) (***).

The data transfer is easy and can take place any time you like.

6.
Now, the sales offices have to implement the controls. All they need to implement them is available.

The sales offices can consult the security threats and the controls.

If there are documents describing the implementation, these documents can be linked to each control. The Headquarter has direct access to these documents, because the documents are automatically transferred to the central “StandardDocumentPath” which is located on a computer at the Headquarter. WEB-Documents are also linkable (URL’s).

5.1 The data will be transferred from the opusiSpor database to the opus i main database.

4.1 Each sales office enters its “assets”, using opusiSporWEB. The sales office in Hamburg is using opusiSporEXE.

6.1 Now, the sales offices can start implementing the controls.

5.2 If the data is transferred the controls will be assigned to each element. This is easy and takes place without special knowledge - in other words: “it is done automatically”. It is important that the IT security team determines the controls the sales offices have to implement.

6.2 The IT security threat and control documents give implementation aid. Everything the sales offices need to implement the control is available.

4.2 In the Headquarter the IT security team traces the work status. The elements of the sales offices can be seen at the right hand of the image.

5.3 Now the controls of the particular elements can be transferred back to the sales offices. The transfer also occurs automaticaly - dialogue-assisted.

6.3 Example: an IT security threat description (delivered with opus i). More than 450 IT security threats are fully described.

(***) Note: the data of the main database and the data of the opusiSporWEB database are physically seperated but always stored in the Headquarter in Hamburg. No data is hold and stored remotely!

6.4 Example: the implementation guideline of the IT security control (delivered with opus i). More than 1200 IT security controls are fully described.

6.5 Linking documents: External documents describing the implementation can be linked directly to the control. During linking the document is automatically transferred from the “linking location” to the Headquarter in Hamburg.

6.5.a The “Standard Document Path” is a folder within the main opus i installation in Hamburg.

© 2010 kronsoft^® Germany  

downloads / access right         contact   support   customer area   sitemap   about kronsoft