audit_perfomance

Our technology solutions are based on two principles: the need for high levels of technical skill to address technical threats, and awareness that many of the greatest losses come from “routine” risks which are not effectively addressed.

Technology can be transformational in helping to deliver significant business improvements and yet it brings with it some of the greatest and fastest changing threats. With technology taking an increasing proportion of corporate spending, it now represents the major concentration of risk and reward for many businesses.

We have extensive experience of dealing with global regulators and providing data privacy solutions which ensure that compliant handling of client data does not disrupt “business as usual”.

Information security governance

  • – IS027001 gap analysis assessment and remediation plan
  • – Security architecture and/or policy design and implementation
  • – Support clients to full accreditation to the IS027001 and IS020000 standard
  • – Create/maintain risk management framework
  • – Penetration testing and vulnerability analysis
  • – Web application security review (OWASP)
  • – Incident and response management
  • – Identity management
  • – Data encryption
  • – Security awareness training and risk management
  • – Access control management
  • – Cloud computing
  • – Bring your own device
  • – Mobile computing

 

Information technology governance and risk

  • – Evaluation/creation of governing framework documentation
  • – Create/assess IT control framework
  • – Monitor/manage IT controls
  • – * Process improvement using methods such as benchmarking, continuous quality improvement, Six Sigma, CMMI (Capability Maturing Model Integration) or Lean
  • – Evaluation and selection of IT investments, benefit realization and delivery of value
  • – Cost management

 

Technology assurance                  

  • – Implementation/review of IT Infrastructure Library (ITIL) function
  • – Configuration management
  • – Application audit
  • – IT infrastructure audit
  • – IT audit
  • – Regulatory Audit
  • – Enterprise resource planning (ERP) audits
  • – End user computing assurance

 

Data Management                        

  • – Data architecture review
  • – Data privacy
  • – Data analytics and forensics
  • – Storage architecture
  • – Data warehousing

 

Business Continuity Management                          

  • – Assistance with accreditation with IS022301
  • – Operational resilience review
  • – Business impact analysis
  • – Risk analysis
  • – Business continuity strategy
  • – Business continuity planning
  • – Continuity testing
  • – Continuity training
  • – Data storage and back up architecture
  • – Manage external dependencies