Information system

iFACTS Information system - Web based Information system maintenance and control

Most organizations are heavily dependent on IS/IT to support the business processes. Consequently, small disruptions in IS/IT can seriously affect the business.

Information systems are registered and documented. Web technology facilitates the work which can be delegated to the system responsible. All systems and performance scores are available for management, audit and to other business activities that are dependent on the system.

In the area IS/IT, there are numerous requirements for example from legislation or standards, policies and rules. ISO/IEC 27001 information security or COBIT are two important standards in this area which are supported by the iFACTS concept and software.

iFACTS Information system is an efficient web tool for maintenance and control. Each information system is given a performance score. The list below shows all the available information system variables. These can be turned on or off depending on purpose and ambition.

Data and output

• Inventory and classification of the information system. Information gathering such as responsibilities, roles, classification, applicable law. Finalizing all steps in the inventory process gives a score of 100%.
• GAP analysis web questionnaire based on for example COBIT or ISO/IEC 27001 with a result in the range 0-100%.
• Risk assessment scenario based risk assessment. Result in a Consequence-Probability matrix with risk acceptance level. Score depending on if there are preventive actions planned for all scenarios over risk acceptance.
• Requirement fulfillment; a requirement list is generated from the settings in classification, law and risk assessment. These requirements need to be fulfilled in order to be "green". "Yellow" means active and "red" means passed due date.
• Objectives in the measurement portal different measure sessions are created and then continuously measured. For example: monthly downtime >2h or finalized support issues <99%. Fulfillment of objectives displays in the range 0-100%.
• Plans fulfillment; a plan requirement list is generated from the settings in classification, law and risk assessment. The plan needs to be done in time to be "green". "Yellow" means active and "red" means passed due date.
• Dependency mapping in the dependency component the information system is mapped for dependencies with other organizational assets and activities. A red dependency means that the requirements do not match and will result in a lower performance score.
• Events; from the maintenance work in the steps above deviations and nonconformities will emerge. These are integrated into the Event module and monitored for follow up and action such as management approval. The Event score is calculated from number of green, yellow and red events.

Implementation and roll out can be done instantly with high efficiency using web technology.

iFACTS Information system functionality

Dynamic setup of organizational structure and roles in the main administration, creation of company tree and roles. Connection to active directory.

Dynamic setup of inventory content all the steps in the inventory wizard are created by the administrator.

Requirement trigger Classification, applicable law and risk assessment can trigger requirements from the requirement list.

Plan trigger Classification, applicable law and risk assessment can trigger plans from the PPP plan list..

Calculation supports entering a calculation for each asset for example EML calculation or BIA.

Dependency component to establish dependency connection between organizational assets and activities. Presented in graph with critical line and dependency information.

Integration with Risk management, GAP, Event, Audit, Riskportfolio, INSMAN and the ONTRACK dashboard.

Event monitoring with connection to management approval and other roles and responsibilities.

Audit connected to the Audit module for automated audits and inspection programs.

Report generator a wide variety of reports/settings can be created and saved as templates.  All of these reports can be exported to Excel, Word, PDF, Text.

Search can be conducted according to selection on all registered data, for example, organization, type, status, category, role etc.