Learn how our Risk Management Solution can help you
ISO27001 Implementation Services / Information Security Management System
With increasing fines for personal data breaches, organization needs to ensure compliance and security of their digital asset data. Implementing ISO27001 demonstrated that the organization has defined and put in place best practice information security process, an effective way to securing business process.
Without losing business flexibility, it enhances reputation which may increase market trust to the organization. Long term benefit from implementing Information Security Management System (ISMS) is about protecting company reputation. Companies who serve public which involve financial transaction should implement this standard.
We offer full cycle ISMS which deliver one standard package or customized services depend on company maturity and requirements . Our services include : awareness training, implementation training, implementation services and certification audit assistance.
Business Continuity Plan (BCP) & Disaster Recovery Plan
Business Continuity Plan (BCP) is a professional service to assist Company in providing a plan to anticipate extreme events that could potentially disrupt the continuity of the Company’s business. The Disaster Recovery Plan (DRP) is part of the BCP that focuses on IT service continuity planning to support the business processes of the Company.
IT Audit or IT Assessment is a professional service to independently assist Company by conducting a series of review, observation, interview, and confirmation activities to provide gap analysis to the ideal conditions in accordance with the framework or standard reference. Based on gap analysis, customer will get recommendations to make corrective action and improvement plan.
Framework and standard used for this service include: COBIT, ITIL, ISO 20000, ISO 27001, Bank Indonesia Regulation No. 9/15 / PBI / 2007 on Risk Management in the Use of Information Technology by Commercial Banks, and other frameworks.
Business needs to take risk to improve and grow. We need to make sure risks are managed to minimize threats and maximize potential.
Some common risks which need to avoid are : company reputation loss, financial loss, business disruption and legal sue.
We provide professional service to assist company in implementing risk management. The referenced best practices are ISO 31000 (standards for Enterprise Risk Management) and NIST SP 800-37 (Risk Management Framework for Information System).
Business Continuity Management System (BCMS)
We provide organization with the ability to effectively respond to threat of disasters. According to ISO22301, business continuity management system emphasizes on:
- Understanding continuity and readiness needs, as well as the necessity for establishing business continuity management policy and objectives.
- Implementing and operating controls and measures for managing an organization’s overall continuity risks.
- Monitoring and reviewing the performance and effectiveness of the business continuity management system.
- Continual improvement based on objective measurements.
The main purpose initiate BCMS is to prevent any significant impact on reputation of the enterprise, whilst ensuring business continuance and increase business resilience.
This requires the implementation of a Business Continuity Programmed that is an enabling mechanism for information sharing, delivering improvements to the protection of assets and people, and the implementation of plans for major incidents. Our services include on determining Business impact analysist, , business recovery, crisis management, incident management, emergency management and contingency planning.
Cyber Security Penetration Testing
How Secure is your digital asset? This never ending question is faced by organization, since modern business depends on technology. There are threats behind technology and as technologies shift, so does the threat landscape.
Doing cyber security penetration testing, organization reduces risk from technology adoption. This service includes application and infrastructure penetration testing, security awareness and development of cyber security framework. We help you to transform technical findings into remediation steps to protect your digital assets and reputation.
A Penetration Testing will help you:
- Reduce business risk from technology use
- Avoid costly system downtime
- Avoid fines while meeting regulatory requirements
- Get tailored reports to help you priorities remediation for your business.