secure knowledge management services

*** THIS DOCUMENT HAS BEEN CLASSIFIED FOR PUBLIC ACCSS BY SECURE KNOWLEDGE MANATGEMENT INC ***

SERVICESwww.securekm.com



At Security Knowledge Management we provide services to four unique types of organizational leaders.

Some leaders what to receive training or train and certify their employees. Other types of managers just need

a little help while others need our expertise and others simple can’t do what needs to be accomplished so

they chose to retain us as strategic service delivery partners.



The following is a list of Professional Security Services that can be provided at a fixed rate or time and materials.

• Security Management/Governance: Manage the Information Security Management System to determine its

effectiveness by reviewing policy objectives, scope, security controls, taking into account risk assessments,

threats, regulatory and contractual obligations, security audits, incidents, effectiveness measurements,

suggestions and feedback, updating security plans and formally recording actions and events.

• Security Policy: Manage the information security policy in accordance with business requirements and relevant

laws and regulations.

• Security Risk Management: Manage risk to information assets and system resources, identifying risks,

evaluating risks, evaluating treatment, selecting controls, and obtaining management approval.

• Vulnerability Management: During this process the security program identifies and mitigates known vulnerabilities. In addition, the VM process also examines Enterprise Architecture for unknown vulnerabilities and treats those vulnerabilities.

• Security Continuous Improvement: Manage a Continuous Improvement plan that identifies corrective and preventative action plans that are designed to improve existing information security policies, practices and standards.




• Privacy Impact Assessment: Manage the Privacy Impact Assessment process to establish compliance with data protection statutes and identify any potential gaps for remediation.

• Threat-Risk Assessment: Manage the Threat-Risk Assessment process to identify threats and risks to information assets and system resources to identify residual risk and recommend safeguards designed to remediate any potential gaps.

• Security Incident Management: Manage the ongoing monitoring and response to security incidents including the creation of practices and controls to detect errors in processing. Identify attempted and successful security incidents and breaches, determine if delegated security activities are performed as expected, prevent security events through the use of indicators, and determine if actions initiated to resolve the security breaches were effective.

• Security Compliance Management: Manage a compliance process to avoid breaches of any law, statutory, regulatory or contractual obligations and of any security requirements.




• Security Manual: Manage a process to ensure that respective ISMS practices are documented within one manual and ensure that all personnel who are assigned responsibilities for the administration of the ISMS program receive the necessary training to effectively and efficiently administer the ISMS program.

• Security Training/Awareness: Manage a process to ensure that all personnel who are assigned responsibilities defined in the ISMS are competent to perform the required tasks.



At Secure Knowledge Management Inc we recognize that providing options that fit into every budget

and project is essential for our customers and partners to be successful, so we have created the

following 4 packages.



Secure Knowledge Management Inc. has proven experience within many facets of the information technology domain. By understanding how

professional disciplines like Risk Management and Product Realization apply to information technology we are able to provide exceptional

service with a wider Enterprise application. The results of our approach to service delivery maximize benefits and value; all at a lower cost and

lower impact to Enterprise Corporate Culture. We have a broad range of industry expertise including Government, Financial Services, Credit

Unions, Banks, Insurance, Pharmaceutical, Telecommunication, Manufacturing, and Academia. A few of the core services that we provide are

listed below:

1.ISO/IEC 27001 Registration/Certification

2.IT Risk Management Integration

3.Compliance Management Program

4.Information Security Services Procurement Consultation

5.ISO/IEC 20000 Registration/Certification

6.IT Governance assessment and process improvement

7.ISO/IEC 9001 IT Recertification

8.Quality Management/ Product Realization Integration

9.System Development Life Cycle assessment and process improvement

10.Independent Information Security Assurance Audit

11.Threat-Risk Assessment and Reporting

12.Business Impact Assessment and Reporting

13.Privacy Impact Assessment and Reporting

14.Information Classification/Handling Legislation Compliance

15.Disaster Recovery / Business Continuity assessment and process improvement

16.Change Management assessment and process improvement

17.Incident Management assessment and process improvement

18.Information Security Program assessment and process improvement

19.Information Security Awareness Education and Communications

20.Project Management

21.Information Security Architecture

If you would like to know more about these services please contact our Service Representative.



Secure Knowledge Management Inc.

Secure Knowledge Management helps its clients by establishing a commercially acceptable

baseline and through iterative cycles begins to continuously improve its program to fit with

business culture geared towards top management, clients and shareholders

PHONE 1-902-405-1308

EMAIL [email protected]

mailto:[email protected]