IntiGrow can help you assess your current information security posture with this free no-charge assessment.

  • Do you have a comprehensive risk strategy?
  • Does your risk strategy address the three main risks: external, internal and preventable?
  • Are you confident that there are no gaps in risk coverage?
  • Are you confident that risk responses and compliance activities are optimized across the organization

If the answer to any of these questions is “no,”  it is time to call intiGrow.

Review the offering details below and if it seems like something that will help you, give us a shout!!

Scope of Work

IintiGrow would conduct a dipstick review of the following key areas at one of your location and/or remote:

  • Information security policies

Information security policies shall be reviewed and recommendations regarding improving the same shall be given.

  • Organization of information security:

Current information security organization with regards to the various information security roles and responsibilities shall be accessed. We shall also review teleworking and/or BYOD policies if present.

  • Personnel security:

Practices regarding screening of employees, the disciplinary process during employment and off boarding process of the employees shall be audited.

  • Assets & Configuration management:

The identification of various assets and their handling shall be assessed along with the policies related to asset management. Information classification and labeling of information shall also be reviewed.

  • Access control:

Access control procedures shall be assessed. The procedure to create user access, grant user privileges and revocation of user privileges shall also be assessed.

  • Cryptography

If applicable, process to handle cryptographic keys and other cryptography related controls shall be reviewed.

  • Physical and environmental security:

Physical security controls shall be assessed to ensure unauthorized access is prevented. Equipment and cabling security shall also be reviewed.

  • Operations security:

Standard operating procedures and change management procedures shall also be reviewed. backup procedure shall be reviewed along with the logging and monitoring activities.

  • Communications Protection:

Network security with regards to network segregation, security of network services, and email security shall be assessed.

  • System & Services acquisition, development:

Information security practices in development and in project management shall be assessed.

  • System maintenance:

Policies and procedures of Maintenance of Information Systems

  • Supplier relationships:

Setup with regards to suppliers and the way information security is handled in supplier relationship shall be assessed.

  • Incident Response:

Incident management procedure shall be reviewed, along with the procedure of reporting information security events.

  • Contingency Planning

Current setup with regards to BCP/DR shall be assessed and recommendations shall be made to improve the procedure.

  • Compliance:

Compliance with internal requirements, such as policies, and with external requirements, such as laws & regulations

Deliverables:

A comprehensive report covering below key information:

 

  • Compliance status of the assessed area
  • CRisk rating for each findings
  • CKey observations and recommendation for the assessed area and the findings

Timelines:

  • Onsite assessment timeframe would vary from 1 to 3 business days.
  • The final report shall be submitted within 5 business days after the audit has been completed.

Download Section

Our domain expertise, process management skills and change management capabilities provides customized solutions to help YOU gain competitive edge

© 2017 intiGrow. All rights reserved.

Click Me