Comarch Secuirty Policies and Audits

Security audits can significantly strengthen information security by revealing vulnerable points in the system. Audits assess the likelihood of a variety of negative events and their consequences for operational continuity.

Depending on the customer’s requirements, Comarch can perform any or all of the following audits:

• Penetration tests (controlled attempts to breach security).
• Network architecture audits.
• Security systems audits.
• Operating systems configuration audits.
• Data base configuration audits.
• Applications audits.
• Socio-technical tests.
• Operational continuity plans.
• Security policy compatibility audits.
• ISO/IEC 27001 compliance audits.

Security policy is specified precisely and coherently by rules and procedures. Based on these, organizations manage and construct IT and informational resources and systems. The policy produces the foundations for management methods and procedures and indicates what must be done to ensure that security is sufficiently watertight. The aim of implementing a security policy is to protect the information from a wide range of threats and so secure operational continuity, minimize harm to the business and ensure that it runs as well as it can. Comarch offers both security policy development and implementation services.

Business Benefits:

A correctly implemented and functioning IT security management system may be submitted for ISO/IEC 27001 certification, which brings several benefits:

• Greater business trust and credibility.
• Lower risk of material and non-material losses.
• Compliance with legal requirements.
• A culture of continuous improvement.
• Reinforced security awareness and discipline.
• Constant risk and risk control assessment.
• Security weakness detection and improvement.
• Marketing opportunities.