Compliance

Imperium Solution’s Compliance portfolio assist organizations in their quest to comply with standards for Information Security (ISO27001:2013), Business Continuity (ISO22301), and regulatory requirements like PCI-DSS, SOX, HIPAA, PIPEDA, RBI’s information security guidelines, SEBI cyber security policy.

» ISMS Implementation as per ISO27001:2013 Standard

» Business Continuity and Disaster Recovery Services

» Compliances with Regulations like PCI-DSS, SOX, HIPAA, PIPEDA, SEBI

» Security Audits for banks as per RBI IS Audit Guideline

» Software Compliance





ISMS Implementation as per ISO27001:2013 Standard

ISO IEC 27001 is an information security management standard. It defines a set of information security management requirements.

The purpose of ISO IEC 27001 is to help organizations establish and maintain an information security management system (ISMS). ISO IEC 27001 applies to all types of organizations.

Imperium Solutions provide consulting services to enable organizations implement ISMS based on ISO27001:2013 Standards. This standard addresses Information Security within an organization.



Business Continuity and Disaster Recovery Services

ISO22301 is a standard that establishes the process, principles and terminology of business continuity management. The standard deals with broad goals and is therefore non prescriptive so as to make it applicable to small and large business and local or global organizations.

The standard aims to achieve the following

  • » Provides a basis for understanding business continuity management
  • » Provides a means of measurement that is consistent and recognized
  • » Provides a system based on established good practice

It does not deal in general with emergency planning and management except in the context of an organizations role within a larger civil emergency.

Imperium Solutions provide consulting services to enable organizations implement BCMS (Business Continuity Management System) based on ISO22301 Standard. This standard addresses business continuity and help clients to adapt and respond rapidly to internal or external disruptions or threats. Normal operations can continue with limited impact on business.



Compliances with Regulations like PCI-DSS, SOX, HIPAA, PIPEDA, SEBI

Organizations across all sectors have to comply to various regulatory requirement. PCI-DSS for online payment, SOX for NASDAQ listed companies, HIPAA for patient data privacy and security in a healthcare institute, PIPEDA for data security of Canadian citizens.

Imperium conducts assessment of an organization’s existing Security infrastructure and provides assistance in complying with regulations like PCI-DSS, SOX, HIPAA, PIPEDA, SEBI.



Security Audits for banks as per RBI IS Audit Guideline

All Indian Banks have to conduct Information Security Audit of their IT infrastructure, also called as System Audit, as per Reserve Bank Of India’s regulatory norms. RBI has issued a guideline for the same and all banks have to conduct the audit once every two years.

Imperium Solution audits a bank and its functions based on RBI guidelines and assist them in complying with the same.



Software Compliance

Computer software is a form of intellectual property and is covered under the same provisions of copyright law that protect music, books and film from unauthorized distribution. Like the more traditional media, infringement of copyright law involving computer software carries stiff penalties.

All software comes with a license that specifically states the terms and conditions under which the software may be legally used. Licenses vary from program to program, and may authorize as few as one computer or user to use the software, or as many as several hundred network users to share the application through the system. It is important to read and understand the license agreement accompanying the software program to ensure that sufficient legal copies are available as per the organisation’s needs.

Imperium Solutions assist in conducting a software compliance audit to check and ensure that the client is in compliance.