| Consultation Services |
 |
 |
|
Consultation services
introduced by the Center of Information Assurance (CoEIA) in King Saud University
Consultation ServicesDeveloping information security strategic plan besides the implementation of ISO27001.Sound planning is considered a success factor to implement an efficient program that produces highly qualified results under the limits of time and budget. Therefore, the center of excellence in information assurance (CoEIA) dedicates its capabilities and expertise to support the different entities devising information security strategic plans to ensure the integrity and protection of their systems and projects according to international standards such as ISO 27001; one of the prominent international standards of information security implementation. The center also is distinguished as it considers the social and legislative domestic issues that are missed in the information security applications developed by international companies; a fact that results in strategic plans incompetent to be implemented in reality.
Developing Information Security Policies & ProceduresA task that should be fulfilled by the higher management is to formulate policies that represent an integral part of the e-government. Therefore, the center develop information security policies and procedures built on the best international standards and practices without disregarding the local requirements.
Defining IT Contingent RisksIt is an error to develop information security plans without defining the importance level of the information and their contingent threats. This is the main step in planning for a comprehensive information security program besides defining its budget and time limit.
Conducting Vulnerability and E-Transaction Security TestWhen IT companies hurry to launch solutions without meticulous review of vulnerabilities and the developers seem to be indifferent towards security aspects of e-transactions, it leads to security breaches that consequently cause organization extreme loses either financially or ethically. Therefore, the center provides rigorous tests to ensure that the systems are free of vulnerabilities and to professionally remove them.
Consultation Service Form
Reviewing & evaluating the level of information securityOrganizations vary in their implementation level of information security. Therefore, to define the level of information security implementation, the center dedicates its capabilities to support decision makers. The evaluation define security on the physical level as well as the levels systems, programs, policies, procedures, network, and vulnerability discovery.
Forensics & Data RecoveryA computer can be exploited to launch attacks, steal information, practice espionage and sabotage, or other crimes and misconducts. The center helps to discover these acts as well as recovering the data that are mistakenly deleted using up-to-date technologies. The center also can establish Forensics departments inside the organizations.
Awareness & TrainingThe human factor is the weakest point in the security chain that an organization will never be able to protect its information while disregarding the employees information security awareness and training even if it has the best hardware and software. The center provides a variety of courses, lectures, awareness programs that satisfy the international standards yet customized to suit the local environment.
King Saud University
|
