Ensuring the security of your information systems and data is a constantly challenging and changing process posed by new technologies, new threats and regulatory requirements.
Engaging an independent third party provides you with invaluable information on how to stay abreast of current relevant security developments, industry best practices and identify areas of improvement within your information security infrastructure. An independent security assessment also sends a clear message to customers, senior managers and key stake-holders that information security is a high priority issue within your organisation and one that is being managed accordingly.
Our unique methodology enables us to assess your information security at many different levels such as managerial, process, policy and technical. Our methodology is based on the ISO 27001 Information Security Standard combined with industry best practices and standards published by organisations such as the SANS Institute, the US National Institute of Standards and Technology, the US CERT Coordination Centre and the Centre for Internet Security.
Our assessment also includes a full vulnerability scan of ten IP addresses for known security issues and weak configurations with a 99.995% accuracy using the most up to date and comprehensive database of known vulnerabilities.
We believe a proper security assessment requires a good understanding of your business and the important business drivers for you and your company. To this end we take the following approach;
At the end of each assessment our consultant will sit down with you and provide you with the deliverables listed below in both hard copy and soft copy format. We will discuss each of the key areas within the report to ensure the impact of our findings are fully understand and where necessary provide details on how best to address any issues identified.
Our deliverables to you at the end of this process will be: