Information Security Governance
Advisory services dedicated to IS Governance Management, from Policy to Procedures development, Maturity Assessments, ‘as-a-service’ support for upper management roles, and development of an information security strategic plan/roadmap within the organization’s governance framework, reinforced by information security programs. The aim is to provide C-level support on information security objectives and progress measurements to raise security levels within an organization.
Privacy, Risk and Compliance Management
Auditing and management of compliance with International Standards such as PCI-DSS and ISO/IEC 27001, and Regulatory Compliance such as the General Data Protection Regulation (GDPR).
Management of Privacy and Data Protection, from the execution of a Data Privacy Impact Analysis (‘DPIA’ or ‘PIA’), to the full definition of the DPO role and Data Protection requirements for GDPR Compliance.
Professional Services dedicated to supporting the Computer Security Incident Response Team (CSIRT) or internal Security Operations Center (SOC).
This area offers a service model for SOC ‘as-a-service’, SIEM and Log Management architecture and use-case development, and on-demand Forensics investigation for Security Incidents.
Technical Auditing projects led by a highly skilled team with experience in testing infrastructures and web and mobile applications across a wide range of National and International Organizations.
These services are performed in alignment with business or risk management needs, mapping vulnerabilities into business risks, classified according to international standards (OWASP, CVSS, CWE and others) and including mitigation proposals.