Information Security Management

How information security can help meet business objectives

Companies today are under ever-increasing pressure to meet regulatory requirements, maintain strong operational performance, and increase shareholder value. In this hyper-competitive environment, companies can no longer afford ad-hoc security measures.

Protecting intellectual property, sensitive customer information, and other business-critical information requires a comprehensive security strategy that closely aligns with business objectives without being burdensome.

Services we provide include the following:
  • Information Security Management
  • Security strategy development
  • Organisational review
  • Security metrics design
  • Management reporting design
  • Managing outsourcing
  • Return on investment review

Information Risk Management
  • Information risk assessment services
  • Information risk assessment review and design
  • Data leakage review

Compliance and Awareness
  • ISO 27001 compliance review
  • ISO 27002 best practices gap analysis
  • PCI DSS compliance review
  • Privacy review and design
  • Awareness raising and training

Incident Response and Forensic Investigation
  • Incident response process review and design
  • Incident response services
  • Forensic investigation
  • Business continuity plan assessment

Threat and Vulnerability Assessment and Testing
  • Vulnerability scanning (network and software)
  • External penetration testing
  • Internal penetration testing
  • Web application security assessment

Architecture, Applications and Network Security
  • Security architecture design and implementation
  • Identity and access management design and review
  • Security controls design
  • Network security design
  • Physical and environment security review

Business Continuity
  • ICT outage risk assessment
  • Systems availability and resilience review (preventive measures)
  • Disaster recovery plan development, review or testing
  • Business continuity plan development, review or testing
  • Business case articulation