CompliancePurpose & Scope Enable IT agility & security to scale with defined risk based security controls that protect integrity, confidentiality, and availability of all Syensqo information. Value proposition - Provide a Syensqo Security Controls Catalog that contains the required controls aligned with Solvay Security Policies and Standards, that can be used by DT as a master referential for compliance and overall risk reduction
- Oversee the execution of Syensqo’s cybersecurity controls, in cooperation with Internal Audit and Risk, to
- enable business operations in a particular market or with a particular customer
- enable compliance with applicable statutory and regulatory obligations
Why & When should I get in touch with the IT-CISO Office Security’s Compliance Program team members ? The IT-CISO Office has been asked to ensure Syensqo improves its cybersecurity control maturity in order to reduce risk. - Advise on the control meaning, and what steps you can take to meet the control objective.
- Advise on design of a compensating control when you are unable to meet the control objectives
- Assessment support for customer supply chain surveys that are focused on cybersecurity practices in Syensqo.
- IT Third Party Supplier assessments for new goods and services.
Compliance Tooling Syensqo Security Controls Catalog (SSCC) - Built using the Secure Controls Framework
- Includes controls from the following frameworks: ISO 27001 v 2013, ISO 27002:2022, NIST CSF v1.1, CIS CSC v8.0
Refer to this presentation for a complete description on how the SSCC was developed! | Embedded Google Drive File |
|---|
| url | https://docs.google.com/presentation/d/1eqjwsBZM5s6XSiUW-HLUzfWpjyQ-XsuE1WeZgu5UREg/edit?usp=drivesdk |
|---|
| fullwidth | true |
|---|
| height | 500 |
|---|
|
Compliance Governance Coming Soon!
| 
