Released on = June 18, 2007, 5:59 am

Press Release Author = Claudiu Popa

Industry = Computers

Press Release Summary = Informatica Security exclusively offers the acclaimed
FlexSecure VerifyT information risk methodology. The unique service scales to meet
the compliance and business risk objectives of diverse organizations, offering the
industry\'s most complete range of professional security assessments.

Press Release Body = Toronto, June 13, 2007 /PR/ Toronto-Based Informatica Security
has expanded its global service portfolio to meet the needs of smaller organizations
with the broadest range of security assessment options available. With 86% of
security breaches originating externally and over 75% targeting both small
businesses and the non-profit sector, the focus has shifted to organizations that
have traditionally been less prepared for hacking and privacy attacks.

Global firms in diverse industries and government agencies face the mounting
pressures of compliance requirements and industry standards, designed to protect
them, their clients and the public against the almost infinite variety of threats to
information assets, financial risks and identity theft. Many organizations are
required to simultaneously comply with multiple laws, standards and practices while
regularly repeating audit procedures.

Most organizations find this process extremely resource-intensive, expensive and in
many cases, ineffective. Many fail their audits while others see inconsistent
service levels from companies hired for their expertise in conducting information
risk audits. Informatica's president, Claudiu Popa is one security and privacy
expert who believes that the situation is not sustainable and further pressure will
make organizations less likely, rather than more likely to become compliant. He said
"we are seeing both auditors and their clients skipping steps, failing to address
critical risks and creating dangerous situations where a false sense of security
leaves the organization open to attack and customers vulnerable to privacy and
identity theft. This is absolutely unacceptable and we worked hard to ensure that
our proprietary security assessment methodology addresses the situation."

Not all security assessments are created equal

Informatica's Verify methodology is designed to be applied to a vast number of
situations, from global enterprises struggling to contain the costs of
Sarbanes-Oxley audits to small retailers that need to comply with the evolving VISA
PCI standard. Organizations around the world can register for an information
security or privacy review (FlexSecure Verify Gold), a standards compliance audit
(FlexSecure Verify Platinum) or a comprehensive threat and risk assessment
(FlexSecure Verify Titanium). Each solution is based on a recurring model with
recommended intervals of 3 to 12 months between assessments, although one-time
assessments continue to be a popular choice for many organizations: "We find that
companies come back every 6 to 12 months to conduct risk assessments, but they
occasionally change the focus of the project from analyzing the risk of internal
applications to gauging the physical security of their data centres. Our certified
security experts are able to accommodate almost any situation, but we recommend
adequate planning before any such undertaking to maximize effectiveness".

Informatica Research experts estimate that between 20% and 50% of all information
security assessments conducted in the industry today are ineffective due to improper
planning, inadequate resources or unqualified auditors. The company works with
management and internal audit or IT staff to properly plan and communicate the
essential aspects of each project before it takes place. For organizations that do
have qualified in-house personnel, Informatica Security offers a version of
FlexSecure Verify that can be completed jointly with its security experts, leading
to significant savings in both cost and time.

World-class information security assessments and compliance audits

The FlexSecure Verify family of recurring audits and assessments is the only service
line based on 15 years of diverse best practices and industry standards-based
business assessments, product testing and policy audits. As Informatica's flagship
service, Verify helps dozens of organizations protect themselves and their client
base each year, with a methodology designed to uphold industry standards such as
ISO17799, SysTrust, PIPEDA, Sarbanes-Oxley, GLBA, FISMA, HIPA, PHIPA and any other
risk-based compliance requirement. Verify engagements are complemented by detailed
reports and presentations on the security posture of products, networks, systems,
Web sites and/or applications.

FlexSecure Verify is the combined work of certified Informatica professionals and
best-of-breed technology. Different types of Verify engagements address the business
risk requirements of today's organizations: internal security audits, external
vulnerability assessments and process reviews, which include policy and procedures
analysis, data retention and business continuity planning. For more detailed
information on FlexSecure Verify including recurring assessments visit
www.SecurityAssessments.ca.

About Informatica Corporation and InformationSecurityCanada.com

Toronto-based Informatica Corporation is a renowned information risk consulting
leader. Over the past 18 years, Informatica has provided consulting, analysis,
implementation and training solutions to SME and enterprise clients in diverse
sectors and world regions. Informatica clients include financial organizations,
government, non-profit organizations, services, manufacturing and health
organizations.

The Informatica group of companies offers diversified security solutions including
published research, emerging threat analysis, corporate risk strategy, security
project management, corporate training and security awareness certification for all
corporate employees. Informatica also offers best-of-breed commercial products, On
the web: www.InformationSecurityCanada.com and www.InformaticaEducation.com. Visit
also www.InformaticaResearch.com and www.InformaticaSolutions.com.

For media enquiries and information risk management solutions:

Claudiu Popa, CISSP, PMP, CISA
President & CSO, Informatica Corporation
416-431-9012 Info@InformaticaSecurity.com

CO: Informatica Corporation Information Security/Risk Management
ST: Ontario
IN: HTS
SU:




Web Site = http://www.InformationSecurityCanada.com

Contact Details = Claudiu Popa, CISSP, PMP, CISA
President & CSO, Informatica Corporation
416-431-9012 Info@InformaticaSecurity.com