After the discovery assessment, the organization is convinced about the need to change the way they handle information assets. The information security framework is based on the ISO 27001 standards and is executed in a modular approach which enables the customer to select the areas they want to address immediately.
The framework is designed according to the requirements of ISO 27001. It addresses all the elements of the information eco-system i.e. People, Process, Technology and Third Parties and is divided into two phases that is Design of the framework and Implementation.
The following are the activities carried out during the Design Phase:
Most challenging part of the information security initiative is the implementation of the policies, procedures and controls. The importance granted to this decreases over the period of time due to the business priorities. Mahindra Special Services Group provides implementation assistance to tide over the difficulties faced during the implementation and hand holds the organization towards self-sustenance, by setting up Help Desk within the organization. Implementation Assistance consists of the following activities:
The human centric approach with the process interlocks adopted by Mahindra Special Services Group ensures that the organization goes through a transformation which results in the enhanced protection to information assets.