LogoLogo
  • TRUST CENTER
    • Trust Center Syntphony
    • Security
      • Security Organizational Model
      • Security Governance Approach
      • Security Risk Management
      • People Security
      • Identity and Access Management
      • Secure Software Development
      • Acceptable User of Assets
      • Security Operations & Security Incident Management
      • Security in IT Operations
      • Physical Security
      • Suppliers Security Management
    • Conformity
    • Business Continuity
      • Business Continuity Approach
    • Support Model
      • Customer Support Policy
        • Support Plans
          • Support Case Severity
          • Support Limitations
          • Technical Account Manager
        • Value Added Services
          • Product Upgrade Plan
          • Case Escalation
          • Lifecycle Policy And Legacy Support
          • Proactive Business Monitoring
      • Service Level Agreements
        • Definitions
        • Customer Obligations
        • Service Credits
          • Maximum Financial Credit
        • Exclusions
      • Pricing
  • PRODUCTS
    • Automotive Tracking
      • Infrastructure
    • Compliance Management
      • Infrastructure
      • Conformity
      • Support Model
        • Customer Obligations
        • SLA Subscriptions
          • Services
          • Incident
          • Service Request & change Management
          • System availability
          • Limitations
          • Definitions
          • Overarching services
          • Sandbox workspace
        • Business Continuity
        • Security
    • Content Services
      • Privacy
        • Manages Privacy - SaaS
        • Manages Privacy - On Premise
      • Infrastructure
      • Conformity
    • Conversational AI
      • Privacy
      • Infrastructure
      • Conformity
    • Electronic Health Record (EHR)
      • Privacy
        • Manages Privacy - SaaS
        • Manages Privacy - On-Premise
      • Infrastructure
      • Conformity
    • Employee Intranet
      • Infrastructure
      • Conformity
    • Experience Distribution
      • Infrastructure
      • Conformity
    • Immersive Experiences
      • Privacy
      • Infrastructure
      • Conformity
    • Insurance Distribution
      • Privacy
      • Infrastructure
      • Conformity
    • Intelligent Automation
      • Privacy
      • Infrastructure
      • Conformity
    • Intelligent Document Processing
      • Privacy
      • Infrastructure
      • Conformity
    • Knowledge Search
      • Privacy
      • Infrastructure
      • Conformity
    • Learning Tech
      • Privacy
      • Infrastructure
      • Conformity
    • Loyalty
      • Privacy
      • Infraestructure
      • Conformity
    • Mobility Management
      • Privacy
      • Infrastructure
      • Conformity
    • Operation Transformation Strategy
      • Infrastructure
      • Conformity
    • Payments
      • Privacy
      • Infrastructure
      • Conformity
    • Perfect Store
      • Infrastructure
    • Pricing Management
      • Infrastructure
    • Process Management
      • Privacy
      • Infrastructure
      • Conformity
    • Sales
      • Privacy
      • Infrastructure
      • Conformity
    • Security and Identity Management Platform
      • Privacy
      • Infrastructure
      • Conformity
    • Security Privacy and Integrity Platform
      • Infrastructure
    • Short-term Power Trading
      • Privacy
      • Infrastructure
      • Conformity
    • Smart Multi-cloud Management
      • Privacy
      • Infrastructure
      • Conformity
    • Stations
      • Privacy
      • Infrastructure
      • Conformity
    • Virtual Care
      • Privacy
        • Manages Privacy - SaaS
        • Manages Privacy - On Premise
      • Infrastructure
      • Conformity
Powered by GitBook

About us

  • Syntphony website
  • NTT DATA Syntphony solutions

Syntphony © NTT DATA Spain, S.L.U 2025 - All rights reserved

On this page

Was this helpful?

Export as PDF
  1. TRUST CENTER
  2. Security

Security Risk Management

The security risk framework, explained in the Security Risk Management Standard for NTT DATA EMEAL, defines the roles and responsibilities of all actors involved in risk management, as well as describes the various risk approaches and risk governance instances.

The steps for systematic risk management such as establishing the context, identifying and evaluating risks, treating risks, communicating, and reviewing are outlined based on the ISO 27005 standard.

The approach to security risk management is oriented both to protect work tools and products as well as to ensure business objectives, thus, two security risk dimensions are highlighted: asset-based risk assessment, and operational risk assessment.

Risk governing bodies at strategic and operational levels, and the communication and escalation mechanisms for risk owners and committees are also defined.

Risk treatment measures are implemented to maintain the risk levels below the established risk appetite set by the Top Management and monitoring actions are carried out to ensure they are completed in due time. The periodicity of assessments is stablished to be, at least, yearly.

PreviousSecurity Governance ApproachNextPeople Security

Last updated 3 months ago

Was this helpful?