What would be the consequences if key information was to be lost from your business? How would the organization be affected if non-authorized third parties had access to confidential information of your business? Have you estimated the cost for your business if there is a failure in the information systems for a period of time? Would you be able to continue with your operations?
Our service focuses on the development of an IT risk analysis with the purpose of obtaining an initial overview of IT risks that the company faces. This evaluation serves as a framework to prioritize management risk activities in a more detailed way.
The evaluation allows:
- Identifying the areas of potential high risk through the business
- Have a general overview of the main aspects of risk in which the business is exposed. Identifying these aspects is highly important in order to manage them.
- Provide guidelines for main risk scenarios, which constitute an essential input for a detailed analysis of the risks.
The end product is a report that contains an inventory of the risks found.
Information Security System
Information constitutes an essential asset for any Company nowadays and, therefore, requires protection. Our service focuses on the development of an action plan that enables to establish inside the organization a continuous process of security, with the aim to achieve and maintain an adequate level of security.
The final result of our work is a report that includes:
- A general security policy appropriate for the organization
- An inventory of the company’s systems (infrastructure, IT Systems, Networks, Applications, Organization, Staff)
- The requirements for system protection
- The threats to which the systems are exposed
- The controls suggested to minimize the threats
- The actual state of the implementation of the suggested control.
Business Continuity Plan
Continuity refers to the capacity of an organization to get through events that may have a negative impact over it; these events may include a fire, floods, power blackouts or even computer virus, theft of assets or intentional damage over the assets.
The Planning of the Business Continuity is the process to achieve this capacity and maintain it, and is a vital part of management of the information systems security.
Our service focuses on the development of a business continuity plan, following the specific methodology that comprises the following stages:
- Identifying and organizing threats
- Developing an impact analysis on the Company
- Create a response and recovery plan
- Test such plan
The end product is a Business Continuity Plan that involves all the stages mentioned before.
Audit for the process of introducing a management system
In every process of introducing a system there are several stages and tasks that must be carried out in order to grant a proper process.
Our methodology enables us to analyze if these stages where completed and the effects it may cause in the future, not being able to complete with certain stages.