- Building information security and IT processes in accordance with best practices and international security standards (PCI, ISO, ITIL, GDPR).
- Ensuring security and business continuity (BCP, DRP).
- Conducting briefings and training of company employees.
- Expert audit and preparation of a compliance report and a list of tasks for elimination. The term and cost of work depend on the volume in man hours.
FOR WHOM IS THIS RELEVANT?
- For small and medium businesses.
- If you have information that you want to protect from accidental leakage, competitors or others.
- If you plan to receive PCI DSS, ISO 27001 compliance certificates. GDPR or ITIL is relevant for you.
- If you want to ensure the fault tolerance of processes and systems.
- If it is important for you that employees know how to behave in difficult situations.
SERVICES
A full package of regulatory documentation for a fixed amount within a month
Information security policy
Firewall policy
Key management policy
Security policy in the development and implementation of software
The procedure for changing access rights to information assets
The procedure for monitoring access rights to information assets
The procedure for managing changes in the information infrastructure
Information security incident management procedure
Vulnerability management procedure
Procedures for handling information carriers
Antivirus protection regulation
Third Party Policy
Regulations for the use of the Internet
Rules for the use of e-mail
Cryptographic protection regulation
Information infrastructure monitoring regulation
Regulations for ensuring the uninterrupted operation of the information infrastructure
Regulations for ensuring information security during the storage and transfer of information assets
Password protection regulation
Information Security Risk Management Regulation
Regulations for the distribution of duties and responsibilities in the field of information security
Regulations for managing access to information assets
Physical protection regulation
Information security awareness program for employees
System Component Configuration Standards
Stages of work
- You apply to the specified contacts. We schedule a convenient time for a call or meeting.
- During the meeting, we determine what types of work you need.
- We sign a non-disclosure agreement (NDA).
- After that, questionnaires are filled out with basic information about processes, systems and employees.
- We conclude a contract for the performance of work.
- Next comes the analysis of processes and systems.
- Information is being collected.
- Development of documentation.
- A list of inconsistencies and recommendations for their elimination (if any) is being prepared.
- Building processes (if required).
- Staff training (if required).
- Building information security and IT processes in accordance with best practices and international security standards (PCI, ISO, ITIL, GDPR).
- Ensuring security and business continuity (BCP, DRP).
- Conducting briefings and training of company employees.
- Support for processes change.
TIME FRAME – FROM 3 MONTHS
The cost of work and the timing of their implementation depend on the required number of man hours to implement the processes and systems of the company.
ADVANTAGES
- Building security processes.
- Reducing the risk of hacking, data theft and subsequent fines.
- Reliability and fault tolerance of processes and systems.
Why Choose Consulting?
Contact us today and get
FREE FIRST CONSULTATION