Services

INFORMATION SECURITY MANAGEMENT

  • ISO27001 compliant information security management consulting
  • PCI DSS compliance consulting
  • Information security and IT controls risk assessment
  • Information security policies, standards and procedures development
  • Information security solutions requirements analysis
  • Information security fundamentals, advanced technical and awareness trainings
  • Information security management system internal audit
  • Service providers information security audit services

VULNERABILITY MANAGEMENT

  • Penetration testing services:
    • Internet services pentesting
    • Web applications pentesting
    • LAN, wireless and telephone (PSTN) networks pentesting
  • System security configuration audit
  • Secure software development lifecycle management consulting
  • Vulnerability management process consulting

DATA PROTECTION & PRIVACY

  • Identification of sensitive information and information classification
  • Information flow and lifecycle analysis
  • Sensitive information risk assessment
  • Risk based security controls development, solution requirements analysis
  • Data protection program audit

IT GOVERNANCE

  • IT and application controls audit
  • Information technologies risk assessment
  • IT governance policies, standards and procedures development
  • ITIL v3 and ISO20000 based IT service management gap assessment and implementation consulting
  • IT audit universe and risk based IT audit planning consulting
  • Service providers IT audit services

COMPUTER FORENSICS

  • Forensically sound computer and network evidence collection
  • Keyword search, file recovery and file carving to look for potential incident evidence
  • Classification of files in terms of types and CRUD dates, file type analysis, known good and bad file analysis
  • Decryption of the encrypted potential evidence files

BUSINESS CONTINUITY MANAGEMENT

  • Business impact and business continuity risk assessment
  • Continuity strategy development
  • Business continuity solutions requirements analysis
  • Incident and continuity plans development
  • Incident and continuity test scenario development, test monitoring and improvement opportunity identification
  • Business continuity management system internal audit

ACCESS MANAGEMENT

  • Role based access control consulting
  • Identity management consulting
  • Segregation of duties assessment