Consulting service
Provide a systematic consulting services ranging from application security diagnosis, penetration testing, infrastructure vulnerability analysis, etc.
Establish security management system
  • Establish an information security framework based on information security governance
  • Establishment and management of information security management system in accordance with corporate strategy and vision
Establishment of master plan
  • Establishment of a long-term information security plan to maintain the strategic information security activity and security level
  • Establishment of optimal master plan through analysis of the status of information security of companies and budget schedule effect
Security check and level diagnosis
  • Development and application of checklist and interpretation of status and regulations applicable to enterprises
  • Checklist based implementation of information security according to company regulations
Benefits
Satisfying Compliance
Establish security management system
Improve the level of security
Step
Preparation
  • Kick-off meeting
  • Identify environment and requirements
  • Define scope
  • Awareness training
Status analysis
  • Document and status analysis
  • Gap analysis
  • Technical vulnerability analysis
  • Compliance analysis
Risk analysis
  • Asset analysis
  • Threat·vulnerability analysis
  • Risk assessment
  • Establish improvement plan
System design
  • ISMS design
  • Revision of policy and guidance
  • Establish implementation plan
  • Preparation of measures
Implementation and improvement
  • Establish master plan
  • Training
  • Process optimization
  • Mock test (Internal security audit)
Contact Sparrow