IT Governance & Compliance
Plexent's IT governance and compliance service suite allows customers to choose services to meet their unique business needs. By blending the various IT governance and compliance services, following federal standards and regulations, and by conducting a gap analysis, Plexent tailors targeted solutions.
Plexent's IT governance and compliance evaluation and toolkit help management understand vulnerabilities, prioritize projects to protect information and make sound financial decisions on where to spend IT governance and compliance budget to reduce exposure.
Information Governance Framework
IT governance comprises formal and informal rules and practices, focusing on:
Effective IT governance addresses
- Information services
- Risk management
- Organizational decision rights
- Information security policy, processes and procedures
- What services are offered and the value IT provides the business
- How decision rights are aligned with controls to mitigate risks
- Who is accountable for delivering IT value
- How IT resources are allocated
Plexent Approach
Plexent defines the policies, controls, processes, roles and responsibilities, and metrics at a high-level. It's imperative that the company's culture, operating environment and business model shape the IT governance framework, so Plexent starts with the itDNA framework and customizes the components to fit each business. The framework includes IT Strategy Management, IT Risk Management, IT Value Management and IT Operational Management.
Information Risk Assessment & Risk Management
Establishing the baseline to protecting assets and customers is critical to an IT governance approach. Plexent follows the OCTAVESM approach defined by the Software Engineering Institute at Carnegie Mellon University.
Plexent Approach
Plexent's IT governance risk assessments evaluate risks associated with business information and the supporting processes and technologies. Find out how Plexent can analyze and manage your risks.
Control Environment and Framework
Controls are implemented to protect business assets, meet stakeholder requirements, maintain management assurance processes are functioning as intended, and ensure processes maintain proper documentation, management review and process improvement.
Plexent Approach
Plexent follows the five steps outlined by COSO: control environment, risk assessment, control activities, pertinent information collection and communication, and management's monitoring of the control system.
Plexent provides customized business-aligned control frameworks with information controls based on ISO 27001/ISO 17799, CobiT and NIST; a gap analysis comparing the current controls to best practices and compliance requirements, as well as a web-based document management toolkit.
Audits fast approaching?
Plexent has helped numerous organizations with internal and external audit preparation.
IT Audit Preparation and Regulatory Compliance
Today, increased legislative, regulatory and industry requirements have organizations bombarded with auditors and standards – and it gets costly.
The IT audit process considers business risks, evaluates management-defined controls, and validates that the controls are followed and monitored.
Plexent simplifies these IT audits and more
- Financial Audits – SOX
- Information Protection – HIPAA, GLBA, PCI and state laws
- Supply Chain – SAS 70
- Security – ISO 27001 / ISO 17799
- Client Notification – CA SB1386
Plexent's IT compliance services
- simplify IT audits
- reduce the resources and time involved
- maintain service quality
- ensure IT remains aligned with business objectives
Plexent Approach
Plexent comprehensively addresses management-defined controls, and ensures sufficient documentation for all business processes is captured and reported for decision-making.
HIPAA compliance concerns? SOX audits eating up time and resources?
Contact Plexent today for simple and cost-effective IT compliance.
