Auditing and Assurance Services

An information technology audit, or information systems audit, is an examination of the controls within an Information Technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding organizational assets, maintaining data integrity, and operating effectively to achieve the organization’s goals or objectives. These reviews are essential to mitigate risks of any business discontinuity or planning disaster recovery mechanisms.Some key benefits of Information System Audits include:
• Key source of information for security reviews
• Demonstrates management commitment
• Enables business continuity planning and disaster recovery
• Improves personnel awareness, participation and motivation
• Provides opportunities for continuous improvement
• Improves customer confidence and operational performance

Implementation & Compliance Verification Services

1. ISO 27001:2013 ISMS (Information Security Management System)
2. ISO 20000:2005 ITSM (Information Technology Service Management)
3. ISO 22301:2012 BCMS (Business Continuity Management System)
4. ISO 9001:2008 QMS (Quality Management System)
5. CMMI® Version 1.3 (Capability Maturity Model Integration)
6. TMMI® Version 3. 1 (Test Maturity Model Integration)
7. PCI – DSS (Payment Card Industry – Data Security Standard)

Process Improvement and Consultancy Services

1. Information Systems
2. Information Security Management System
3. Information Technology Service Management
4. Business Continuity Management System
5. Software Process Improvement Mechanism (CMMI®)
6. Testing and Quality Assurance Mechanism (TMMI®)
7. PCI – DSS ComplianceProcess Areas
1. Project Planning Process Area
2. Project Monitoring and Control Process Area
3. Risk Management Process Area
4. Configuration Management Process Area
5. Quality Assurance and Testing (Verification and Validation) Process Area
6. Supplier Agreement Management

Audits & Assessment Services:

1. Security Audits
2. Vulnerability Assessments
3. Penetration Testing
4. Web Application Penetration Testing
5. Risk Assessment
6. Application Compliance & Control Review

Architecture & Design Services:

1. Security Architecture Review and Design
2. Policies & Processes
3. Information Security Management System (ISO 27001) Gap Analysis & Implementation
4. Business Continuity Management Systems (BS 25999) / 22301 Gap Analysis & Implementation
5. Cloud Security Assessment & Consultancy