Compliance

Purpose & Scope

Enable IT agility & security to scale with defined risk based security controls that protect integrity, confidentiality, and availability of all Syensqo information.  

Value proposition

• Provide a Syensqo Security Controls Catalog that contains the required controls aligned with Solvay Security Policies and Standards, that can be used by DT as a master referential for compliance and overall risk reduction
• Oversee the execution of Syensqo’s cybersecurity controls, in cooperation with Internal Audit and Risk, to 
• enable business operations in a particular market or with a particular customer
• enable  compliance with applicable statutory and regulatory obligations

Why & When should I get in touch with the IT-CISO Office Security’s Compliance Program team members ?

The IT-CISO Office has been asked to ensure Syensqo improves its cybersecurity control maturity in order to reduce risk.

• Advise on the control meaning, and what steps you can take to meet the control objective. 
• Advise on design of a compensating control when you are unable to meet the control objectives
• Assessment support for customer supply chain surveys that are focused on cybersecurity practices in Syensqo.
• IT Third Party Supplier assessments for new goods and services.

Compliance Tooling

Syensqo Security Controls Catalog (SSCC)

• Built using the Secure Controls Framework
• Includes controls from the following frameworks: ISO 27001 v 2013, ISO 27002:2022, NIST CSF v1.1, CIS CSC v8.0

Refer to this presentation for a complete description on how the SSCC was developed! 

Compliance Governance

Coming Soon!