Identify the specific information threats facing your business environment.
Determine the maturity of existing information risk, people, process and technology controls across the areas within scope.
Highlight key vulnerabilities and risk areas across the organisation.
Validate acceptable information risk levels in accordance with business requirements.
Define a suggested improvement priority road map for the establishment of an Information Risk Management Framework and an Information Security Management System (ISMS) in accordance with ISO 27001:2013 specifications.
Provide a training and awareness programme to transfer skills.
Performing realistic threat testing to ensure the controls are effective.
Ensure a robust incident management programme is in place.
Threat Monitoring Phase
Correlate and analyse event data.
Determine suspicious network behaviour, conduct active network scanning and respond to threats more effectively.