Risk Management, Audits and Penetration

The complexity of the IT infrastructure increases with the size of the organization. Unfortunately, that complexity breeds vulnerability. But help is at hand: by means of security analyses, authorized penetration tests, and structured surveys (audits) within your company, combined with other measures, we can deliver significantly better protection.

Today's executives regard security as an integral part of operational risk management. To identify potential threats, it is necessary to analyze business processes and define IT security objectives. Are systems, applications, data and networks adequately protected from unauthorized access, manipulation and malware? What risks need to be addressed? Security analysis provides clarity and insight. Penetration studies reveal security gaps. They provide a starting point for countermeasures, and eliminate guesswork. But other issues remain. For example, have the organizational and the technical aspects of IT security been effectively coordinated and harmonized? Are corporate and other standards actually being complied with? To discover the answers, T-Systems specialists conduct surveys and inspections at the customer's site. The findings of audits of this kind are leveraged to define concrete measures and to assess the current state of security based on standardized criteria (benchmarking) – because enterprises need to know what degree of protection they currently have if they are to aim for a consistently higher level in the future.

Fully in the picture with the CERT Info Service

The CERT Info Service is an important additional tool. A Web-based application for processing security-related reports, it alerts your employees to possible security risks, and recommends ways to combat problems it has identified.