Security Policy

 

TEJAS, has expertise in providing guidance to clients in drafting Security policy, provide assistance in implementation, as also perform post implementation review. TEJAS adheres to International stan- dards – BS 7799 / ISO 17799 while formulating Security Policy for its Clients. 


Business Continuity Planning


Tejas focuses on the Organisation's key issues -

        Availability

        Reliability &

        Recoverability


With Objectives to Achieve and maintain the chosen availability level of the enterprises IT infrastructure Effectively manage and
control the IT infrastructure to improve the overall operational reliability Provide an effective plan to minimize downtime of the key processes in the event of major disruption Tejas provides following services under Business Continuity Planning:


      Business Impact Analysis

       Risk Assessment and Management

       Business Continuity Solution Design

       Business Continuity Management

       Business Recovery Management           
   
Testing, Implementation and post-implementation review Tejas helps clients not only in drafting a Business Continuity Planning, but also provides guidance for implementation and testing the plan for completeness and currency.

Tejas has Certified Business Continuity Professionals also in their team.

 
 

                       BUSINESS CONTINUITY PLANNING

 

 Issues Addressed
Availability
Reliability
Recoverability
   Solution
  Enterprise High
  Availability
    Service Level
      Management
  Business Continuity
  Planning
   Objective  Achieve and maintain the chosen  availability level of the  enterprise's  IT infrastructure

 Effectively manage and  control the IT infrastructure 
  to improve the overall  operational reliability

 Provide an effective plan to  minimize downtime of key  processes in the event of a  major disruption
    Emphasis
Technology
Processes
People
       
    Focus  Proactive and preventive                 Response and Recovery


Systems Development

 

Tejas evaluates the Systems Development Methodologies and change management procedures  adopted by their clients. With
our experience in and knowledge of best practices to be adopted,  we highlight the security concerns and provide suggestions
and guidance for implementation of  correct procedures. Many  times third  parties are also  involved in Systems Development.
We  provide professional guidance in the area of Service Level Agreements and controls associated  with outsourcing. In the
area of Systems Development Methodology and maintenance, whether  developed in-house or outsourced, we pay special
attention to the following:

        Control procedures for Protection of Source Code

        Library Procedures

        Migration of programs from testing to production areas

        Documentation Standards

        Testing Procedures

        Change Management Procedures including version control of programs


Organisational Controls

 

In an IT environment there are incompatible functions and also certain very sensitive positions. Tejas  evaluates the security
concerns arising out of lack of Organizational Controls across the Organization  (Corporate Offices and its branches). Incisive analysis of the functions performed is undertaken in all  areas of operation including Computer Department. Special attention is
paid to the following functions:


       Systems Administrator

       Network Administrator

       Database Administrator

       Librarian

       Programmer

       Operator


Environmental Controls

 

Tejas performs audit of Environmental Controls, by evaluation of the physical access controls to  sensitive areas housing the server , router , hubs, switches, and other sensitive equipments. We also evaluates the adequacy of other environmental requirements.


Application Controls

 

Tejas performs extensive testing of all of the applications in the client’s organization in a separate  test area. The programs are
tested for functionality, built in controls including access controls

 

Audit Tools

 

Tejas utilizes utilities and Audit tools for performing audit, more particularly the Audit Tool – ACL