In addition to compliance services driven by specific standards - such as ISO 27001 or PCI DSS - Orthus provide services customised to corporate published information security policies. These services ensure that companies are meeting their own internally specified requirements for protecting business critical information assets.
Annual re-assessment services are designed to ensure that compliance is maintained – given the dynamic nature of applications and IT infrastructures.
Gap Analysis
An initial assessment by Orthus qualified individuals identifies compliance gaps in order to establish priorities for remediation. A typical assessment includes:
- An on-site review of infrastructure, applications, policy, processes and procedures to determine gaps in the implementation of published internal standards.
- Vulnerability scanning and penetration testing of key systems.
- A formal detailed prioritised remediation roadmap.
Beyond the Gap Analysis
Based on the Gap Analysis Orthus can assist with all aspects of remediation activity providing resource if needed to complement the skills, experience and capacity of in-house teams.
|