SERVICE

All of our GRC solutions are available in English throughout Asia Pacific Regions.

GRCとは>

GOVENANCE

ケーススタディ

Help to design information security policy with an eye towards the next-generation system.

Customer Request
Reflecting changes of business models and work styles, the speed of new technology introduction into IT systems is accelerated every year. We should also correspond with various regulations quickly. Therefore, we have looked for an information security policy which should be developed with an eye towards the change of IT systems and their operations in future and should correspond with various regulations in an efficient way.
NANAROQ Answer
Expert security consultants will assist the customer to develop an information security policy which can still be applicable to future IT systems. The policy can correspond with various regulations using UCF (Unified Compliance Framework) which is a framework to summarize over 600 laws, regulations and guidelines around the world in one sheet. UCF used in consulting process will map between the information security policy and regulations which allows to correspond efficiently to future new regulations.
NANAROQ Solutions
Help defining policies and guidelines of information security
Consulting using UCF (Unified Compliance Framework).

実績一覧

Business Line Business Project Overview
Governance Investment Trust Global governance (development of guidelines)
Subsidiary of a General Leasing Company Development of guidelines
Subsidiary of a Mobile Network Operator Development of guidelines
Home Delivery Service Global governance (development of guidelines)

Risk

ケーススタディ

Introduction of Risk Organizer™

Customer Request
We have manually managed diversified and numerous risks using Excel, in terms of environment, PL, information security, safety, disaster invention, etc. where we have spent a lot of time and faced troublesome information comparison.
NANAROQ Answer
Introduce Risk Organizer™ which is a cloud-based risk management software.
It incorporates fragmented risk information under Excel-based management and compiles a database where risks are visualized and can be analyzed. Which means that the customer dose not waste their time anymore and focuses on risk analysis and countermeasure development.
NANAROQ Solution
Risk Organizer™
Case study details of Risk Organizer™:http://www.grc-j.com/cases.html

実績一覧

Business Line Business Project Overview
Risk Subsidiary of a General Leasing Company Assessment of web-site risks
Collection Agency Risk analysis
Electrical Equipment Manufacturer Streamlining assistance of company-wide risk management
Financial Holding Company of a Retailer Group Assessment of system risks of overseas subsidiaries

Compliance

ケーススタディ

Consulting for PCI DSS Compliance

Customer Request
Credit card information will be used for business reason and we need to be PCI DSS compliant.
In order to continue yearly audit and operation, and to maintain security level under PCI DSS, security measures and evidence management shall be incorporated to our information dealing system in a manner to meet PCI DSS requirements.
Anticipating our future operation of PCI DSS, we need to develop a countermeasure guideline based on the survey of current status, promote operational efficiency and continue our business by acquiring PCI DSS.
NANAROQ Answer
Gap analysis between PCI DSS compliant system and current system by our knowledgeable and proven consultants.
Provide an effective proposal to get through the assessment and cloud-based services specialized in PCI DSS assessment and operation where NANAROQ develops templates targeting customer's efficient operation in future.
Providing efficient ways to manage the evidence management for enormous number of requirements and the assessment, the assessment period can be managed shorter than ever before.
Moreover, the costs of future assessments will be reduced utilizing information of cloud services.
NANAROQ Solution
Consulting of PCI DSS Gap Analysis, Consulting to assist PCI DSS Compliance - PCI DSS Compliance PAQ (Cloud Service)

実績一覧

Business Line Business Project Overview
Compliance Logistics Company ISMS
Commercial Banks, ATM Management Company PIN security
System-user System Integrator PCI DSS(gap analysis)
Subsidiary of a Communication Company listed on TSE 1st Assistance of PCI DSS compliance

Security

ケーススタディ

Help to develop SOC/CSIRT and SIEM

Customer Request
Increased cyberattack against corporations has made us difficult to analyze the status of security measures and the risks of cyberattack. So we need to promote comprehensive management of security measures throughout the company and strengthen our security monitoring system.
NANAROQ Answer
Expert security consultants, based on their proven SIEM knowhow, arrange SOC/CSIRT requirements and assist to develop grand design and road map of SOC/CSIRT anticipating the operation by the CSIRT team. Furthermore, we draw grand designs to introduce SIEM, which is a key to SOC/CSIRT operation, where the customer is able to develop action plan to tighten up security measures in future.
NANAROQ Solution and Service
Consulting to assist SOC/SIEM development, SIEM consulting

実績一覧

Business Line Business Project Overview
Security Subsidiary of a Mobile Network Operator and a Rubber Production Company Assistance SOC/CSIRT development
Life Insurance Company Security assessment of cloud infrastructure
Subsidiary of a Electrical Equipment Manufacturer NW vulnerability assessment
Pharmaceutical Company Log analysis

pagetop