SERVICES

Security Governance, Risk, Assurance and Compliance (GRC)
InfoAssuraX offers the services of security consultants who have earned the following certifications: Certified Information Security Manager (CISM); ISO27001 Lead Auditor and Implementor; PCI DSS Implementor; Certified Ethical Hacker; Ethical Ninja; and Certified Information System Auditor (CISA). CISM defines the core competencies and international standards of performance that information security managers are expected to master. It provides executive management with the assurance that those who have earned their CISM have the experience and knowledge to offer effective security management and consulting services.

Information Security Training: 
We provide training seminars for IT professionals and employees with access to sensitive information, educating them about the risks of social engineering and how to avoid falling prey to ruses posed by competitors or malicious intruders. These seminars are dedicated to preventing human error from undermining an otherwise robust information security infrastructure.

Merger and Acquisition Security assessment and strategy:
This service includes an assessment of the acquired company's security posture to identify gaps or strengths relative to the acquiring company. The assessment is based on the acquiring company’s security program and best practices. We also provide advice on how to manage the identified risks as you integrate the two entities into one.
 

Information Security Governance:
Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. Tasks include:

  • Develop the information security strategy in support of business strategy and direction.
  • Obtain senior management commitment and support for information security throughout the enterprise.
  • Ensure that definitions of roles and responsibilities throughout the enterprise include information security governance activities.
  • Establish reporting and communication channels that support information security governance activities.
  • Ensure the development and delivery of activities that can influence culture and behavior of staff including information security education and awareness.

Security Incident Response Management:
Develop and manage a capability to respond to and recover from disruptive and destructive information security events. Tasks include:

  • Develop and implement processes for detecting, identifying and analyzing security related events.
  • Develop response and recovery plans including organizing, training and equipping the teams.
  • Ensure periodic testing of the response and recovery plans where appropriate.
  • Ensure the execution of response and recovery plans as required.
  • Establish procedures for documenting an event as a basis for subsequent action, including forensics when necessary.
  • Manage post-event reviews to identify causes and corrective actions.

Penetration Testing

This service reviews the critical infrastructure of the organisation, including computer networks, applications, OS and physical security. Our Security Health Check simulates a real attack as seen through the eyes of a hacker and recommends best practices for staying up to date with the increasing and dynamic threats and risks to your information systems.

CISSP - Certified Information Systems Security Professional
CERTIFIED INFORMATION SYSTEM AUDITORS
CERTIFIED INFORMATION SECURITY MANAGERS
CERTIFIED ETHICAL HACKERS
IT Infrastructure Library Practitioners
Ethical Ninja II