Nacházíte se na stránkách firmy Risk Analysis Consultants.
 
RAC Common Information CenterInfoCenter
Services
Solutions
CRAMMCRAMM
Information Security ManagementISMS/27K
RAMSES
Audit and ControlRAC Questor
RAC PPP
RAC ISSEC
ISMSRAC ISMS
RAC CISS
RAC IDR
PAS 56
ServicesRAC ISTC
RAC BCMS
RAC BASEL II
QualysGuardQualysGuard
Cyber-Ark
Forensics Institute
eFIS Lab

Risk Analysis Consultants
 
Jste zde: Solutions > RAMSES Přepnutí na českou verzi

RAC RAMSES: Information Security Management Organization

Risk Analysis and Management Site for Enhanced Security is a tool for supporting information security management in all types of organizations. Software as a Service (SaaS) model allows access to the RAMSES functionality at a low costs with no additional investment in software or in hardware.

RAMSES is a ideal tool for organizations establishing or operating Information Security and Business Continuity Management Systems (ISMS and BCMS). RAMSES is based on the CRAMM methodology, which includes threat and vulnerability questionnaires, countermeasures library and risk assessment procedures are fully integrated into RAMSES which offers effective use of the qualitative CRAMM methodology. The RAMSES web interface is designed to be used simultaneously by an unlimited number of users to fill in threat and vulnerability questionnaires, to work with countermeasures library or to enter BCM parameters.


RAMSES provides many reports to demonstrate a compliance level of ISO 27001 or BS 25999. If the structure of Regulations Corporate InfoSec is imported to the tool, compliance reports could be developed.


Brief characteristic of the RAMSES

  • Direct support of ISMS a BCMS
  • Czech, English and Spanish language versions
  • Support of information risk management process
  • Information assets management
  • Linked with CMDB
  • Risk register
  • Business Impact Analysis (BIA)
  • Collection and processing of risk assessment data
  • Threat and vulnerability assessment
  • Risk analysis
  • Reports of current information security status
  • Overview of processes criticality
  • Measurement of information security status
  • Preparation for certification audits of ISO 27001 and BS 25999
  • Statement of Applicability
  • Risk treatment plan
  • Support of security projects implementation
  • Financial reports for decision-making on implementation



Language versions
RAMSES is currently available in Czech, English and Spanish versions. Users can easily switch to languages without having to exit the application. All of RAMSES applications including the continual part can be easily translated into any language, in which a specific language version for an organization can eventually be created.

Role based access control
RAMSES uses role based access control (RBAC). The roles correspond to user job functions and their responsibilities for security assets or areas. RBAC provides easy user management and precise definition of access rights.



Compliance with standards
RAMSES fully complies with the following security standards:

  • ISO/IEC 27001:2005
  • ISO/IEC 27002:2005
  • ISO/IEC 27005:2008
  • BS 25999-1:2006
All steps of the information risk and business continuity management processes, as supported by RAMSES, fully comply with the requirements of the standards listed above. Key information such as mandatory clauses and controls from ISO/IEC 27001 is implemented in RAMSES and used in reports. Therefore the level of compliance with these standards can be easily demonstrated just on the click.

Data security
RAMSES is operated on a secured infrastructure within an ISMS certified environment. Data in RAMSES tool are secured in compliance with the best practices, standards, regulatory and legal requirements. All data is continually backed-up. Communication between RAMSES servers and end-users is secured by the HTTPS protocol. RAMSES tool servers are continually monitored by QualysGuard service.





Related links

Download
Process Flow Ramses (75kb)
RAC RAMSES (285kb)
Conditions for use | Privacy Protection | IMS Policy © 2012 Risk Analysis Consultants