Assessing ISMS compliance with legislation and standards
As part of this service, FBK’s experts can conduct tests (audits) on the information Security Management System for compliance with the provisions of:
- Federal Law No. 152 FL “On Personal Data” dated 27 July 2006;
- Federal Law No. 161-FL “On The National Payment System”;
- the Bank of Russia’s Standard on Information Security Management Systems in the Banking System of the Russian Federation-1.0 “Ensuring Information Security at Organisations in the Banking System of the Russian Federation. General Provisions”.
FBK’s experts can also assess the compliance of the enterprise’s ISMS with international and Russian standards of information security, such as ISO/IEC 27002 and National Government Standard (GOST) R ISO/IEC 17799.
The assessment of compliance with international standards is carried out by FBK experts using both standard (e.g. the Bank of Russia’s Standard on ISMS in the Banking System of the Russian Federation 1.2 2010) and original methodologies, as well as software tools developed on the basis of various sectoral and commonly recognised Russian and international information security standards.
A written report will be prepared on the results of the audit (compliance assessment) which will contain conclusions on the level of ISMS compliance with regulatory requirements and the system’s weak points, as well as the optimal costs and most effective way of increasing levels of maturity and compliance, taking into account the significance of the influence of the identified deficiencies on the overall level of information security.
Alexey Terekhov, FBK Partner and Vice-President for Auditing and Consulting Services to Financial Institutions, is always ready to tell you more about our services in information security and personal data protection for financial institutions.
E-mail - email@example.com
FBK’s services in information security:
- Ensuring personal information security
- Creating and modernising information security systems
- Assessing compliance of banks’ ISMS with the requirements of the Bank of Russia’s Standard on Information Security Management Systems (ISMS) in the Banking System of The Russian Federation
- Instruments to assess compliance with the requirements of the Bank of Russia’s Standard on Information Security Management Systems (ISMS) in the Banking System of The Russian Federation 1.0
- Projects on information security
Back to the section