BS 7799-2:2002 Certification
Wipro was the first organization globally to achieve BS 7799-2:2002
Certification (under new standard released on September 2002)
Wipro has well defined and documented security policies, processes
and guidelines in place for reasonable protection of information in
all the stages of the information life cycle and also for the offshore
development centers. Senior management commitment for security, Well
documented processes, technological controls along with the continuous
user awareness initiatives, constitute some of the critical factors
for Wipro’s security program.
Some of the domain areas which are reflected in Wipro’s security
policies are risk management, access control, legal compliance, offshore
development center security, virus prevention, asset management, business
continuity management, and security incident management and user awareness
etc to name a critical few. Most of these are considered critical
for enabling a safe computing environment at Wipro.
Risk based approach is undertaken for designing and implementing controls
on availability and security parameters for IT services and offshore
business operations. Some of the salient features in this area include:
 |
Assessment of IT and business level risks on a
periodic basis in various levels in the organization |
|
Coverage of risks covering people, process and
technology components |
|
Internal and external audits based continuous
improvement program |
|
Security advisories and awareness communication
to user community and business unit teams based on risk levels,
real life incidents and severity of threats |
|
Risk management plans for various types of project
lifecycle models |
Industry standard access & authorization mechanisms for accessing
critical applications are deployed to protect data in addition to
advanced controls such as encryption. Users are educated continuously
on the various threat factors and ways and means to address the issues
for safeguarding intellectual property of Wipro and its customers.
Wipro establishes secure mode of wide area connectivity with its customers
to fulfill business requirements and customer/Wipro data is handled
with utmost care including suitable backup mechanisms and fail safe
storage in all Wipro locations. Various regulatory compliance aspects
of Wipro’s customers are given importance while designing specific
customer based offshore development center solutions. Customer project
teams back-up data on a periodic basis within their environment as
per specific customer requirements and follow the plan as signed off
in the business agreements with the customers.
Some of the physical security measures include imparting education
on employee safety practices, constant patrolling of the premises,
mandatory check of photo ID at entry, restrictions in visitor movements,
and compulsory search of all incoming packages. All identified sensitive
areas inside the Wipro premises are access controlled on a need to
know and enter basis.
|
 Wipro
Fact File
Management
Team
Financials
Corporate
Governance
People
Values
Locations
Alliances
Recognition
Group Companies
Infrastructure
Quality
Innovation
"Wipro has consistently demonstrated high levels of business and technical knowledge, creativity and delivery excellence. We remain highly satisfied"
Carlos Moreno,
CIO, Skandia,
Germany
More testimonials>> |
|
About Wipro 
Subscribe to 'Peer Ping' our monthly newsletter
Request for Information
Contact Us
The People and the Power
