Overall:

Ensure your information security policy is aligned to ISO 2700x Information Security Standards. The highlights of what you should look for:

1. Prepare and implement the Information Security Policies of your organization.
2. Defining roles and responsibilities for information security across the organization, in co-operation with security representatives from your organization IT department / business units.
3. Identifying controls and coordinating their implementation, in co-operation with security representatives from the affected departments periodically assessing the adequacy of information security implementation across the organization.
4. Auditing internal systems and processes for compliance with security policies and standards.
5. Validating all connectivity requirements from a security perspective.
6. Anchoring security initiatives within your organization and promoting information security throughout the enterprise.
7. Understanding / analyzing the Identity & access management requirements & implementing the same.
8. Constantly reviewing the security compliance objectives and revisiting the controls that need to be implemented to meet the appropriate control objectives.
9. Service window 24×7 on Seat with a combination of both onsite and offshore locations.

Typical Security activities:

1. Enforcing a strong password policy.
2. Physical Access Control.
3. Data Center / Server Room Security.
4. Creation & Control of user accounts.
5. Corporate Project Data Access control
6. Managing users for Access management.
7. Third-Party Connections which will include Firewall policies, IPS/IDS.
8. Virus Protection.
9. Audit and Compliance.
10. Vulnerability monitoring, assessment and Penetration testing.
11. Firewall, IDS/IPS, Antivirus monitoring and management.
12. Internet access control.
13. Encryption keys management.

www.bestitdocuments.com