National Standards

Risk Management

IT risk management is an essential part of the overall corporate risk management and information security strategy of an organization. Risk management allows organizations to detect and manage threats related to the information system environments. The identified risks are assessed and mitigated to an acceptable extend based on the security requirements of the organization . When implemented accurately, ICT–risk management lays the foundation for the continuity of critical business processes also in the event of disruptions.

RISK MANAGEMENT

ICT Contingency Planning

Contingency planning enables operations to continue in the event of a disruption and reduces the company's risk of financial losses, for example. Good preparedness can also increase customer and stakeholder confidence. The continuity and recovery planning of ICT contingency must be based on the company's most critical services, related risks and the information systems supporting them. At Savia, we have years of experience in drafting, developing and implementing ICT contingency, continuity management and recovery planning for a security-critical organization. We help our customers enable business continuity in disruptions and changing security environments.

Supplier and Partner Evaluation

We have long experience in ICT service providers and procurement. We impartially help our customers find the best IT partner for their needs and operating environment.

We ensure that contract terms and costs are clear and cover the necessary services without hidden costs. If necessary, we also check the reliability and background of the partner.

Quality control of outsourced ICT services

Quality control of outsourced ICT services is essential throughout the service life cycle. The security of outsourced services and third parties can be weaker, allowing an attacker to break into critical organization data.

Savia ensures the information security of outsourced ICT services on your behalf throughout the service lifecycle. The service ensures that the service provider follows the agreed practices and that your data is encrypted both during transfer and at rest.

CERTIFICATION

ISO 27001 Advisory and Certification

ISO/IEC 27001 is an international standard that defines requirements for an information security management system. With certification, the company shows that it manages information security risks systematically and that security development is a driven process.

We help you prepare for ISO 27001 certification. Savia can also carry out the company's certification process in accordance with the standard in its entirety.

Kieli

Risk Management

ICT Contingency Planning

Supplier and Partner Evaluation

Quality control of outsourced ICT services

ISO 27001 Advisory and Certification