Curated Service Lines hand-picked to suite your immediate Cyber Security Needs Achieve True Business Value Beyond Just Compliance Reach Us on : +974 555 70 907 | Email: [email protected] | www.oissggroup.com
OBJECTIVE: ACHIEVE COMPLIANCE AGAINST NIA AND GET CERTIFIED National Information BY QCERT Assurance NIA 2.0 Consulting Services Available: Build a living security baseline and develop a robust security posture NIA Scoping and Baseline Assessment NIA Implementation and Pre-Audit Readiness NIA-ISO 27001 Bridging Implementation NIA based Assurance Maturity Mapping NIA Executive Management Workshops Qatar Cyber Security Framework OBJECTIVE: SECURITY MANAGEMENT CAPABILITY MATURITY (CSF) 2022 AS MONITORED BY SUPREME COMMITTEE MPTO Build Security Capability and leverage technology to automate security management Consulting Services Available: Technical Assessments for all 14 capability domains Control Implementation Guidance including Automation Evidence formalization, collating and mapping to meet SC MPTO mandate Quarterly reporting support for SC MPTO Requests Support responding on SC Feedback and action items on submitted reports Facilitate proxy representation for SC Meetings on behalf of the client Recommend and advise on selection of additional tools or technology OBJECTIVE: ASSESS AUDIT READINESS, BUILD OPERATIONAL EXCELLENCE Internal Audit Consulting Services Available: Leverage benchmarking for operational excellence Develop Internal Audit Capability Design, Define and Develop Audit Plans Global / National Benchmarking Exercise Execution of IT Audits Remediation Roadmap and Improvement Guidance Validation & Assurance Services
OBJECTIVE: TEST ROBUSTNESS OF SECURITY MEASURES AND DEFENSE MECHANISMS Vulnerability Assessment & Penetration Testing Secure Configuration Review (VAPT) Application Source Code Review Application Testing and Mobile Application Testing Assess Infrastructure Security with On-Demand Penetration Tests Offensive Techniques Red Team Engagements Vulnerability Analysis and Remediation Client-side Security Test Remote Access Security Test Social Engineering Test Gray Box, Black Box and Black Box Testing – Assessments conducted with strictly limited knowledge of client White Box Testing network and no information on the security policies, network structure, software and network protection used. Gray Box Testing – Assessments conducted with some information on client network, such as user login details, architecture diagrams or the network’s overview White Box Testing – Assessments to identify potential points of weakness by using admin rights and access to server configuration files, database encryption principles, source code or architecture documentation OBJECTIVE: ADOPT SECURITY GOVERNANCE ON CLOUD DEPLOYMENTS Cloud Security ALIGNED WITH QATAR CLOUD SECURITY POLICY AND OTHER POLICIES. Assess Risk and Security Controls to make cloud computing safe and secure Consulting Services Available: Cloud Risk Assessment Establish a Cloud Security Strategy Cloud Security Policy Compliance Establish security governance Define cloud security monitoring parameters Cloud Security Assessments SaaS / PaaS / IaaS
OBJECTIVE: BENCHMARK AGAINST ISO 22301 AND DEVELOP RESILIENCE FOR Business Continuity BUSINESS CONTINUITY Management Consulting Services Available: ISO 22301 Business impact and current state analysis Develop Resilience and assure Development of business continuity plans, procedures & strategy Business Continuity Workspace recovery design and sourcing Guidance on BCM software selection OBJECTIVE: BENCHMARK AGAINST ISO 27001 AND DEVELOP SECURITY Business continuity testing and training MANAGEMENT SYSTEM Preparation for ISO 22301 audit Consulting Services Available: Information Security Management Framework (ISMS) Develop Security Policies, Standards, Processes and Procedures Assess compliance posture and remediate gaps ISO 27001 Risk assessment and Asset Classification Internal Audit and Training Develop Security Management Preparation for ISO 27001 Audit Framework and Governance IT Service Management OBJECTIVE: BENCHMARK AGAINST ISO 20000 AND DEVELOP SERVICE MANAGEMENT SYSTEM ISO 20000 Consulting Services Available: Develop Service Management and Define Service Management Processes assure Service Level Agreements SLA development and service assurance CMDB definition and Asset Management Guidance on service management software selection ITIL Benchmark and training Preparation for ISO 20000 audit
Search
Read the Text Version
- 1 - 4
Pages: