• REGULATIONS & TECHNOLOGY
• Markets in Financial Instruments Directive (MiFID II)
• Alternative Investment Fund Managers Directive (AIFMD)
• Payments Card Industry Data Security Standards (PCI DSS)
• Information Security

SCS can help you navigate the complexity of a large number of regulatory compliance directives and can help you overcome any challenges that you may be facing with your compliance programs.

We have consultants and experts who can help with providing Consultancy, Program Management or technology solutions on any of the other following Regulatory directives around Information and Data Security

ISO 27001

ISO/IEC 27001 is one of the most widely known and recognized international standards for information security management systems. It describes the core elements of an ISMS, or security program, and it can be certified against. These include the dimensions of establishing the ISMS, implementing and operating the ISMS, monitoring and reviewing the ISMS, and improving and maintaining the ISMS.

ISO 27001 certification and documentation on the status of the 27002 controls is likely to become a norm and function as a standard way for providers and partners to demonstrate their relative trustability. Over the last 3 years the use of these standards for this purpose is gathering pace and momentum.

SCS can help with this compliance from a consultancy, technology program management & services perspective

EU Data Breach Notification Law

In November 2009, the EU enabled a revision of its electronic privacy Directive dealing with Data security Breach. This directive mandates that member states pass legislation requiring telecommunications and Internet service providers to notify subscribers in the event of a security breach and loss of personal data. While it impacts the Telecom/internet providers to begin with, an expansion of this breach notification requirement to all types of companies (not just providers) and a notification to all affected individuals (not just subscribers) is already under discussion

The U.K. Information Commissioner's Office (ICO) has already presented new notification guidance for the country, and revisions to the U.K.'s privacy law have come into force since April 2010. The British Standard for Privacy (BS 10012) also defines breach notification procedures in personal information management systems. These laws require compliance to the required level of Information Security.

SCS can help with this compliance from a consultancy, technology program management & services perspective

For more information please write to us at corp@scs-emea.com or use our Enquiry form