Security Auditors Combine Controls Audits to Achieve Multifaceted Enterprise Compliance

Toronto, Canada (PressExposure) January 09, 2010 -- Compliance is a business term that implies expensive operational impact, productivity losses and no calculable ROI. It just needs to be done. Security standards and IT governance are the two most complex and expensive types of compliance facing today’s national and global enterprises. They take money, expertise and in many cases, strong relationships with the large auditing firms to pull off, year after year.

In addition to the world-wide shift towards privacy breach notification, businesses are required to be compliant with an ever-growing number of diverse industry standards and legislation. Intended to protect intangible assets, these place enormous pressure on budgets and resources while often appearing to negatively impact business objectives.

Enter Informatica Security’s Harmonized Control Assessment Framework (HCAF™ or “HarCon”). Based on proven risk assessment (FlexSecure Verify™) and risk management (STORM™) frameworks, it is a tool designed to vastly reduce the cost and effort organizations spend keeping up with and maintaining security controls across the enterprise by:

1. Aggregating the IT controls required for all applicable standards and legislation
2. Implementing an efficient audit framework and real-time process visibility
3. Consolidating remediation and control management processes

According to security and privacy consultant Claudiu Popa: “Our clients annually report compliance costs easily in the millions of dollars and we’ve been chipping away at those costs due primarily to the unparalleled expertise of our certified experts. Today, we are able to literally deliver quantifiable cost savings in the millions primarily due to the innovative effectiveness of the HarCon Framework.” Claudiu Popa is president of Toronto-based Informatica Security Corporation and author of the Canadian Privacy and Security Toolkit, published by the Canadian Institute of Chartered Accountants.

With compliance costs for PCI DSS alone estimated in the $2.7M range for large merchants, the aggregate costs for SOX, IFRS, Bill 198, Directive 2002/58/EC, PIPEDA and a multitude of reporting bills and laws currently in the works are not only prohibitive, but their logistical management would continue to be an impossible task. Informatica’s pre-audit, assessment and remediation solutions are delivered by respected, certified security industry veterans with extensive field expertise and a focus on management consulting. Enterprise-class organizations interested in signing up for an HCAF™ pilot are invited to contact Enterprise@SecurityCompliance.CA.

About Informatica Corporation Information Security/Risk Management

Informatica Security offers IT and security governance solutions that span the entire range of information risk best practices. To date, Informatica has assisted blue-chip and Fortune 500 companies in 12 countries with compliance and audit challenges, employee education and policy deployment.

Founded in 1989, Informatica Security and Privacy is a leading information risk management consulting firm focused on providing unmatched expertise to enable client organizations to control and mitigate information security risks, meet compliance challenges, alleviate the effects of wrongsourcing and adopt proven standards and best practices for exceptional governance. The firm’s FlexSecure™ risk assessments and professional audits, FlexProtect™ security management, STORM™ (Scalable Techniques for Operational Risk Management) and WorkLife™ Security and Privacy Awareness training solutions are proven best-of-breed solutions that scale to meet the business and compliance requirements of diverse industries.

For additional information, please visit

Informatica Security and Privacy, Informatica Education, Informatica Research, the Informatica logo, FlexSecure™, FlexProtect™ and WorkLife™, VirtualCSO™ and VirtualCPO™ are trademarks or service marks of Informatica Corporation. All Informatica white papers, proprietary research, Web site content, presentations, communications, policies and Informatica-branded documentation are Copyright © Informatica Corporation and permission must be specifically granted for use by any party. All other brands or product names are trademarks of their respective companies, organizations or standards bodies.

For media enquiries and enterprise engagements contact: Claudiu Popa, CISSP, PMP, CISA, CIPP, CRMP, President & CSO, Informatica Corporation, 416-431-9012 Enterprise@SecurityCompliance.CA


Claudiu Popa, CISSP, PMP, CISA
President & CEO
Informatica Corporation Information Security/Risk Management
Toronto, ON


Press Release Submitted On: January 09, 2010 at 1:44 am