FRSecure

Information Security Program Development

FRSecure Home

• Program Development
• FRSecure's Approach
• What do you get?
• What ensures success?
• Why choose FRSecure?

Standards Compliance

• ISO 17799:2005
• PCI-DSS
• HIPAA
• GLBA

About Us

• 3992 Spruce Road
  Minnetrista, MN 55375
  
  888.676.8657
  
  info@frsecure.com

What do you get?

Summed up in one word...value.

It's not often that the words information security and value are used in the same sentence. We seek to change that. Information security can improve the bottom line and we have consistently demonstrated that information security is not a cost-center.

So what do you get from FRSecure's Information Security Program Development service?

An effective information security program takes time to develop and a commitment to implement. We have developed numerous information security programs for our clients and we have noticed a few characteristics of "effective" information security:

Formal
In order for an information security program to be effective, it must be documented and tracked. It's one thing to tell your customers, employees, and stakeholders how you protect information, but it's entirely different to demonstrate it with documentation. Formalizing an information security program makes communication and enforcement much more effective.

Governed
Information security must be chartered, managed, and constantly improved upon. Effective information security must start at the top.

Holistic
You may have heard the old adage; "You are only as strong as your weakest link". Well when it comes to information security, "You are only as secure as your weakest link (vulnerability)". Too many times information security is viewed as an IT issue, and it's not! Information security is a business issue that affects all parts of the enterprise.

Lifecycle
s your business evolves, so should your information security program. Business changes, people change, technology changes, information changes, and information security changes.

Aligned
Businesses are usually in business to make money. An information security program must support this endeavor as its primary purpose. Information security must never get in the way of business.

Risk-Based
We see more and more companies who manage their information security with compliance as the primary objective. While compliance is tremendously important, but risk is more so. A company who manages their risks appropriately is almost always compliant with every regulation they face. A company who manages information security with compliance as the primary objective often ends up spending more money and misses significant risk.

So to answer the question; "At the end of the day, what do you get?":

You get a partner who takes the time to understand your business intimately before the development and implementation of an "effective" information security program.

FRSecure information security programs are often built around the ISO 17799:2005 (renamed ISO 27002:2005) international standard.

For more information, please submit:

Business Name:

Contact Name:

Email Address:

Phone Number:

Comments:

FRSecure LLC, 3992 Spruce Road, Minnetrista, MN 55387 - 888.676.8657

Copyright � 2009 FRSecure LLC All Rights Reserved.