Security Governance, Risk, Compliance and Business Continuity services to support clients in IT security governance within the company and in IT risk management, in compliance with sector regulations/standards (e.g. Privacy, ISO 27001, PCI DSS).
Security Strategy Development
Assessing current IT security maturity within a company context (both at an organisational and technical level) and defining the multi-year strategies and programmes required to achieve the desired model incrementally and efficiently.
Security Governance Design
Defining the models and tools (e.g. processes, policy, procedures, metrics, etc.) for efficient governance and management of IT security within the company context.
Security Risk Management
Establishing a framework for IT risk governance by defining and implementing methodologies, policies, processes and tools that facilitate the appropriate identification, assessment and management of IT risks.
Security Compliance Assurance
Verifying conformity to security regulations and/or standards (e.g. Privacy, ISO 27001, PCI DSS, Bank of Italy regulations, etc.) in order to identify potential shortcomings and corresponding remedial action.
Security Awareness & Training
Preparing and delivering training sessions (classroom/e-learning) aimed at raising staff awareness of the key areas and challenges in IT security and/or improving the technical preparedness of IT staff to identify and effectively counteract key threats/vulnerabilities.
Consultation aimed at supporting Information Security company structures in conducting and managing operational activities (e.g. PMO, operational protection).