Friday, 31 October 2014

Security Management

In the complex business environment in which companies operate, it is no longer enough to react quickly to threats. It is necessary to define and implement new, efficient, effective and consistent models of security management.

We provide services that let processes and technologies evolve in a synergistic and integrated manner, in order to gain market competitiveness and achieve an even greater level of overall safety.

Compliance & Policy Services
  • Adaptation to the regulatory and legislative framework in the field of security (BS7799/ISO27001, ISO15408, D.L. 196/03), Personal Data Protection and Privacy (Dlgs. 196/2003, Code regarding the protection of personal data) and the administrative liability of companies and institutions, in particular Dlgs 231/2001 and Dlgs 231/2007
  • Definition of the Corporate Security Policy Framework (policies, guidelines, procedures, rules, standards)
  • Analysis of procedures and methodologies of computer systems with IT Audit methodologies (COBIT)
E-Learning
  • Multimedia training on information security
  • Multimedia training on privacy
  • Multimedia training on 231
  • Multimedia training on ad-hoc content

Risk Management

  • Analysis and assessment of the level of maturity of the security system in order to define a correct security strategy
  • Definition and implementation of Risk Assessment Plans
  • Definition and implementation of Risk Management Plans
Incident & Crisis Management
  • Design and development of methodologies, implementation and management of Business Impact Analysis and Evaluation
  • Development, editing and implementation of the Business Continuity and Disaster Recovery Plans
  • Planning and Design of the organizational model for the management of crises and emergencies

ICT Security

  • Management of ethical hacking activities (Vulnerability Assessment and Penetration Test) to verify the security of systems and infrastructures
  • Analysis of application source code through code auditing and code review techniques
  • OWASP Testing
  • SCADA Security Testing
Information Security
  • Development of the ISMS (Information Security Management System) in support of the international security certification ISO 27001
  • Design, activation and maintenance of Information Security infrastructures
  • Implementation of assessment and intervention plans to bring payment systems into line with the international PCI DSS standards
