Security Management Audits

We deliver comprehensive Security Audit Services which are based on highly developed methods and an expert auditor team. Our auditors are skilful, experienced, security management professionals and also proficient IT-professionals. We provide both small-scale, focused projects and large enterprise-class security audits.

We also provide Security Management Consulting services that enable effective security development at all organization's business levels.

Security Management Audits

Our modular audit process enables effective work flow and provides development tools for our customers.

Modular Methodology

Our audit process provides methods for information security auditing, risk assessment, control selection, gap analysis, benchmarking, and security development. Security auditing reveals security weaknesses and strengths in the customer's business environment through risk assessment and analysis where the risk is calculated from weakness realization probability and business impact. Furthermore, the security posture of the customer is benchmarked against similar business cases in the same industry. Finally, applicable and effective security controls are proposed to mitigate the risks.

The standardized, modular structure of our audit process enables our customers to benefit from an effective audit service, where modules are chosen based on the customer business environment and architecture. Our process for audit work includes meetings, workshops and interviews, which are used for collecting all information required for a comprehensive end result.

Security Audit Services

Current State Analysis

Current State Analysis

To effectively manage organization security, the state, level and adequacy of security measures must be comprehensively known. This enables to focus enhancement resources to the most critical areas. Our Current State Analysis provides detailed insight to understanding the organization security state. The development plan provides a cost-effective improvement roadmap and benchmarking provides a measure to industry related companies.

Compliance Audits

Compliance Audits

Companies face mandatory security demands to be able to conduct their core business. Regulatory demands such as SOX and Emergency Power Acts, and business demands such as PCI DSS, must be fulfilled. Furthermore, customers demand adequate security practices from their vendors and partners. We can effectively assess the compliance of your business using the most recognized security standards and provide effective compliance development gap analysis and roadmap.

Risk Analysis and Assessment

Risk Analysis and Assessment

We deliver quality risk assessment and analysis services, which provide our customers with effective methods for comprehensively analyzing the most serious risks in their organization. Our Risk Analysis and Assessment methods are based on ISO27001 and COBIT standards and provide detailed analysis of threats, risk exposure, benchmark results and plan for managing the observed information risks.

Security Policy and Process Audits

Security policy defines the company-wide security requirements of the top management and vital stakeholders. To be effective company security policy must be implemented and materialized through uniforming operational level day-to-day practices, processes and procedures. We can audit the service development and day-to-day practices to ensure that service architecture is developed and maintained securely and effectively.

Service Operation and Maintenance Audits

Service Operation and Maintenance Audits

A company's heterogeneous infrastructure contains various critical services and systems which must be consistently developed, maintained and secured. Compromise could mean serious business impact through customer and profit loss. We provide effective audit services to help you assess the service maintenance and operation procedures, which ensure the service and system service level and comprehensive protection.