Tool cuts through complex information security control regulations with tailored framework for ongoing compliance
London: RSA Security Inc. (NASDAQ: RSAS) today announced the introduction of the RSA Security Compliance Scorecard, an interactive tool designed to identify regulatory information security requirements for businesses. The aim of the Compliance Scorecard is to provide a tailored best practice framework to ensure ongoing compliance for identity and access management and information security.
RSA Security has produced the Compliance Scorecard to help organisations unravel the multiple frameworks and regulations impacting their business. It also helps to identify specific information security measures to address high-level ‘reasonable and appropriate’ regulatory requirements for data protection and security.
Most organisations face compliance with multiple regulations, and many regulations share common fundamental security requirements including verifying identities, allowing only authorised access to information and providing reliable audit reports. Alongside the Compliance Scorecard, RSA Security’s Best Practice Framework helps to identify the common requirements across all regulations impacting the business in order to rationalise individual compliance requirements, and suggest a workable framework which delivers lowest cost compliance, manages risk and effectively protects information and identities.
Jeff Loeb, director of product marketing at RSA Security, said: “Determining specific regulatory requirements for data protection and information security can be one of the most complex elements of compliance. Our Compliance Scorecard and Best Practice Framework are designed to simplify information security compliance and deliver a strategy which is tailored to the organisation, its business objectives, industry standards and environment. This approach should ensure that information security regulations are comprehensively met on an ongoing basis, at the lowest cost to the business and in a way that makes compliance a source of competitive advantage for the organisation.”
The RSA Best Practices Framework consists of more than 60 best practice processes derived from the key identity and access management related controls from COBIT, NIST 800-53, ISO 17799, FFIEC control frameworks and standards.
RSA Security’s best practice framework contains information security controls in the following five categories:
- Risk management
- Authentication
- Access control
- Data protection
- Logging and reporting
The RSA Security Best Practice framework offers a starting point for organisations wishing to establish a set of best practice information security standards which comply with regulations and are workable within their own organisational environment.
Organisations may find the framework easily maps to and validates their existing framework for compliance; most will find it a valuable ‘checklist’ for compliance and a helpful reference tool for implementing controls and identifying competency gaps.
Availability
An overview of the RSA Security Compliance Scorecard is available online at <http://www.rsasecurity.com/node.asp?id=2895>.
The RSA Security Compliance Scorecard is a free-of-charge service for businesses wanting to assess their existing level of compliance with information security regulations and identify their optimum best practice framework.


