Defensys has updated the Platform for automation of information security management SGRC. Developer has reviewed the categorization process of сritical assets and taken into consideration new legislation regarding personal data processing.
In the 5.2 version of Defensys SGRC the list of criteria and values for assessing the category of critical assets has been updated. Due to this users now can determine the asset value more precisely and timely notify the regulatory authorities about the categorization.
Personal data processing procedure was also modified by the developer. The Platform enables users both to create and maintain up-to-date lists of information systems, business processes and responsible employees and to consider other assets involved in personal data processing. Users can automate routine tasks, such as notifications regarding personal data changes, damage reevaluation in case of law violations and changes in the composition of technical devices within the company infrastructure.
One more important update to the Platform is the extension of pre-installed methods supplied in the SGRC, which allow users to enter data on current tactics and techniques, as well as define security threat scenarios to form threat models as a part of a risk assessment approach.
The ability to perform supplementary controls over audit process and results by fixing the hash-sum of attached evidences was added to the “Audit” unit. Hereby users can be sure that there are no re-attached and falsified files, which increases confidence in the audit results.
“A number of functional enhancements implemented in the new version of the Defensys SGRC allow organizations to solve information security and compliance tasks even more effectively. Continuing to improve the product, we pay special attention to our customers’ demands, as well as compliance with regulatory initiatives. That’s why in the 5.2 version we’ve added new functions for audit control and performing, as well as expanded the Platform’s capabilities for сritical assets categorization and asset management” – commented Andrey Chechetkin, Deputy CEO at Defensys.