IS Regulatory and Compliance Services
Playing by the rules is the golden rule. So, we're here to help you understand and mitigate threats and vulnerabilities in a cost-effective manner, and to determine and support your organization's compliance with specific legislation, security frameworks or industry standards.
Step by step, we assess your current state, then compare it with the standard to identify gaps in compliance and advise you on the design, implementation and management of operational and technical security controls, procedures and reporting. Then we plan the steps your organization needs to take to meet all regulation, standard or framework requirements pertaining to your industry.
Our tasks include:
- Design and customization of compliance frameworks based on standards (such as ISO 27001);
- IS risk management practice, with risk assessments that thoroughly evaluate the organizational environment and effectively address the identified potential threats;
- Development of customized information security policies and procedures with comprehensive coverage, in a user-friendly format.
Trained to the highest standards and holding certifications such as CISA, CISM, CRISC, CISSP, our consultants’ expertise includes but is not limited to:
- ISO/IEC 27001
- ISO 31000
- ISO 20000
- COBIT (Control Objectives for Information and Related Technology)
- COSO (Committee of Sponsoring Organizations of the Treadway Commission)
- Red Book Governance, Risk and Compliance (GRC) Framework