Information Protection relates to the protection of valuable assets against loss, disclosure, or damage.
IT/Security Policies and Procedures
Development and Update of Information Technology/Security Policies and Procedures.
Risk Management
IT/Security/Enterprise/Operational assessment of threats and vulnerabilities to calculate risks and establish needed controls.
Identity and Access Management
Proven methodology to identify and automate identity and access management processes to facilitate the enforcement of segregation of duties.
Data Loss Prevention
Evaluation of communication and information transfer technologies, procedures and controls to determine data leaks and update or establish controls.
ISO 17799 and 27001 Assessments
Assessment to determine compliance with ISO 17799 and 27001 standards including maturity model.
Penetration Testing
Evaluation of system vulnerabilities through ethical hacking including Internal Network, External Network, Wireless ,Web Applications and Social Engineering.
Cloud Computing Evaluation
Evaluate the security controls of cloud service providers considering internal and regulatory security requirements.
IT Strategic Alignment
Evaluation of corporate governance structure in terms of its effectiveness in evaluating, planning and implementing risk and compliance measures.