Take a holistic approach for managing information security

In the course of its day to day business processes, your information systems collect, process, store, and selectively disseminate a large amount of confidential information.  You, therefore, incur a wide range of responsibilities with respect to  the protection and availability of the confidential data, including:

• Appropriate controls around access to information
• Integrity of business information and transactions
• Availability of business information systems and continuity of business operations
• Ensuring that business information is managed in compliance with all applicable legislative requirements, vendor requirements, and contractual obligations

TELUS can help you determine the robustness of your existing processes, controls, and standards to safeguard the confidentiality, integrity, availability and privacy of enterprise and client information.  TELUS identifies and quantifies the maturity levels of your organization’s internal processes and gains effective visibility into the current posture of your information security and privacy protection capabilities. TELUS will identify any gaps that may exist relative to Best Practices and applicable ISO 27001 and 17799 standards and assist you in developing a risk mitigation strategy and roadmap to address those gaps in a planned, strategic, and cost-efficient manner.

Key Features and Benefits

The following logical and functional areas may be covered depending on your needs:

• Risk Management
• Security Policy Framework
• Organizational Security
• Asset Classification and Control
• Human Resources Security / Security Education and Awareness
• Physical Security Controls
• Communications and Operations Management
• Access Control Architectures and Technologies
• Information Systems Acquisition, Development and Maintenance
• Incident Management Procedures
• Compliance — issues arising from Security processes and practices
• Business Continuity – organizational perspective

TELUS provides final deliverables in the form of a comprehensive findings and recommendations report. It provides detailed identification of security management processes, mapping maturity levels, evaluation of existing information security controls, analysis of resultant deficiencies and their root causes, and gap analysis relative to peer organizations. Deliverables also include a Management Letter providing a summary of recommendations suitable for non-technical audience.