INFORMATION SECURITY AUDIT
ISO 27001 (previously BS 7799) is a structured set of guidelines and specifications for assisting organizations in developing their own information security framework. The standard relates to all information assets in an organization regardless of the media on which it is stored, or where it is located. The standard assists organizations in developing their own information security framework.
ITPSS security auditors will analyse the client organizations’ compliance with not only BS 7799 / ISO 27001 best practices but also investigate the gaps (gap-analysis) in the organization in terms of achieving Information Security. Gap Analysis will be performed and recommendations will be made for remedial action/strategy to achieve alignment with the requirements of BS 7799 / ISO 27001 best practices.
ITPSS Network Vulnerability Assessment and Penetration Testing service is a subset of BS7799 / ISO27001 security audit. Network Vulnerability Assessment is the process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a computer network system. The process is usually done internally, performing audits to identify vulnerabilities in computer networks as well as weaknesses in policies and practices related to the operation of these systems.
The goal of penetration testing is to attempt to gain access to computer networked systems that require authorized access by simulating an attack from a malicious user. The process involves an active analysis of the system for any potential vulnerability that may result from poor or improper system configuration.