 |
Governance
Risk
Management
Computer
Forensic
Expert
Witness
Information
Security
Program
Management |
|
We will help you to establish and enable you to maintain an Information Security Management process that provides the framework needed to effectively oversee and direct the activities necessary to implement the information security program. We will achieve this by ensuring that your information assurance program incorporates a portfolio of administration processes and procedures including:
- Acquisition management methods and practices
- Service level agreements (SLAs)
- Contract development and administration
- Problem management and resolution
- Third-party service provider management
- Monitoring, logging, and auditing capabilities not limited to access of controlled information by unauthorized persons or processes; inappropriate access of controlled information by authorized persons or processes; analytics and reporting to support compliance auditing and help support an effective defense against prosecution
- Configuration management capabilities not limited to configuration identification; configuration control; configuration status accounting; configuration auditing
- Security review and testing capabilities not limited to internal/external network, system, and application vulnerability assessment; social engineering vulnerabilities; access control and facility vulnerabilities
- Security awareness and education not limited to Boards of Directors; executives; technical, professional, and administrative staff; customer-facing programs
|
|
Governance
Risk
Management
Computer
Forensic
Expert
Witness
Information
Security
Program
Management |
|
