Indusface Consulting
Home Contact Indusface Sitemap  
 
 
 
data sheets
case studies

compliance

services
Information Security related government regulations and industry standards such as ISO 27001, RBI, SEBI, SOX, HIPAA, PCI, IT ACT 2000 etc affect every business and government organization today. Decision makers are concerned about the security of critical assets, the information flow within the organization as well as compliance to these standards and regulations. Without a dedicated strategy, metrics and management, your organization, may be creating gaps and increasing operating costs that may lead to non-compliance. Thus, it is of paramount importance to ensure compliance with the legal and regulatory requirements to continue in business.
Indusface Solution
Our experienced and certified security auditors have extensive experience in mapping information security strategies and processes to different standards. Our knowledge-base, experience, infrastructure and global presence ensure timely and expert analysis for all your compliance audit needs. Indusface starts with your business objectives, and then follows a simple, pragmatic and process-driven approach to review an organization's compliance to the applicable security standards, regulations or best practices.
  • Identification: Indusface auditors initiate the compliance audit by conducting a strategic management review program with the top management and the outcome is identification of HIGH risk areas within the organization and the areas that need Information Security Management System.

  • Review of Intent: Documentation of any information security management framework is an integral part of the entire Information Security Management System. It plays a critical role in showing the objective, approach, intent & commitment of the management towards Information Security. A thorough review of the information security documents is carried out by the Indusface auditors (Onsite/Offsite). It also serves as a benchmark for the implementation audit stage preparation.

  • Review of Effectiveness: The implementation audit is guided by the outputs from the document audit stage. Subsequently, an audit plan is prepared and auditors assess your current security posture to check whether it conforms to the requirements of the Standard/Best Practice or organization’s own controls. For this matter, Indusface would gather existing data related to People, Process & Technology within the organizational departments by producing an extensive questionnaire. Subsequently this data would be analyzed and a consolidated report will be generated, clearly stating the key business assets of your organization.

  • Report Generation: The deliverables of this service offering includes an Executive Summary for the key decision makers, a detailed report for the specialist group and a document on how the present scenario can be improved.
    © 2009 Indusface. All rights reserved. Terms of Use and Privacy Statement