5. Design and implementation of automated tools for enforcing preventive controls in configuration change management,
6. Design and implementation of tools for enforcing automated controls in application security, user provisioning, segregation of duties, and transaction processing in compliance with a multitude of regulators.
9. Needs assessment, business case preparation, RFI/RFP, and vendor assessmentsInformation Security 3rd Party HIPAA PCI SOX Privacy ● ● ● Program NHI Inc. nasrhuma.com Irvine.Toronto Top-Down Governance and Risk Management
24. ERP Security and Control ERP Security Design and implementation of application security for business processes, business intelligence, interfaces in major ERP systems such as SAP, Oracle, PeopleSoft and JD Edwards NHI Inc. nasrhuma.com Irvine.Toronto Process Controls Design and implementation of internal controls related to business process, application configuration controls, and software change management baeslines. Identity Integration Integration of fine-grained authorization with externalized coarse-grained authorization on enterprise directory level. Authentication, Single Sign On, and integration of ERP applications with identity management web services. Interface & Data Migration Controls Design and implementation of controls to manage the risk of data integrity, completeness, and security in transmission of data between ERP and third party subscribing of publishing systems
25.
26. By masking personally-identifying information, solution protects the privacy and security of confidential customer, patient, and employee data to demonstrate supports compliancewith privacy regulationsMapping of Regulations to controls in systems Mapping of Privacy Act, GLBA, HIPPA, and PIPEDA to automated controls in systems processing sensitive data. PIA Conduct Privacy Impact Assessments on business system where sensitive data in processed NHI Inc. nasrhuma.com Irvine.Toronto How Personal Data Is Lost National US Gramm-Leach-Bliley Canada PIPEDA Australian Privacy Act State/Provincial California SB1 NY Security and Notification British Columbia Bill 73 Contracts Clients Partners Vendors Seal Programs Policies Privacy Policies Security Policies Industry and professional standards AICPA/CICA International regional responses EU DPD, APEC Privacy Framework, Safe Harbor (EEA – U.S.)