top_customers.jpg
 

Xerox

General Information

Xerox do Brasil is a document processing technology company which has been operating in Brazil for 40 years. Its activities include systems for graphic production of high-volume digital documents, document creation, reproduction and printing equipment for offices of all sizes, as well as the largest set of document treatment solutions and services in the market. The company has professionals and business partners throughout the country, including six branches, three manufacturing units in the cities of Resende (in the state of Rio de Janeiro), Simões Filho (in the state of Bahia) and Manaus (in the state of Amazonas), 61 certified resellers and 1700 employees in Brazil. Its head office, Xerox Corporation, has a worldwide presence the world with 61,100 employees and annual revenues of $ 15.7 billion.

Project Scope

Information security office implementation, which among other functions, will be in charge of:

  • Developing and implementing a business continuity plan (disaster recovery);
  • Risk management;
  • Reformulating access controls in its network environment;
  • An environment with more than 150 servers and 2000 workstations;
  • Approximately 20 SOX applications.
“Xerox do Brasil was the first company in the international corporate group which includes Latin America, Eastern Europe and some developing countries in Asia to be certified under the Sarbanes-Oxley Act. The company has passed all tests in this certification without any re-compliance recommendations. Part of this success can be credited to Modulo Risk Manager’s ability to tell us precisely where the main risks to be mitigated were, and therefore to generate significant productivity gains.” Arnaldo Cadena
Infrastructure Operations and Information Security Manager - Xerox
Client's Needs
  • Certify the IT area in the context of the Sarbanes-Oxley Act;
  • Implement and disseminate the concept of Information Security in the Organization;
  • Create controls that allow management of the asset-related risks by means of a formal, permanent system recognized by the organization.
Solutions Implemented
  • Use of Modulo Risk Manager to meet requirements under the Sarbanes-Oxley Act (SOX), testing the IT environment, assessing the implemented controls, adapting and documenting the controls regarding the Sarbanes-Oxley Act and constantly monitoring the environment in order to guarantee effectiveness of the implemented controls;
  • Risk Management Plan with the purpose of promoting constant assessment of all of the company's IT assets, establishing the highest priority for actions regarding the assets presenting higher risks;
  • Business continuity plan in order to align the company's environment with corporate demand - developing, documenting and testing a business continuity plan which is capable of covering all of the company's critical mission assets;
  • Restructuring of the entire access control process for the company's systems, centralizing access-granting and access-exclusion activities, as well as all the control of function segregation, so as to avoid unauthorized access to corporate systems while optimizing the use of specific software and database licenses.
Benefits
  • Reduction of qualification expenses;
  • Reduction of expenses on daily IT operations;
  • Dedication of company staff to their core business, while trusting the attributions of developing an information security office to an experienced partner;
  • Reduction of the inevitable IT operation costs as a whole, since they end up being optimized by means of a more effective and safer management of the processes executed;
  • Prevention and minimization of risks regarding attacks, situations of unavailability, viruses, and other situations, preventing additional expenses with subsequent corrections;
  • User friendly system.
 

Modulo Community


modulo-it-grc-newsletter modulo-it-grc-twitter modulo-it-grc-youtube modulo-it-grc-slideshare modulo-it-grc-linked-in


Contact us

US toll free: +1 866 663 5802
Phone: +1 973 744 1617