As a service company, we’ve gone through several iterations of our service catalogue since our inception. This is natural, as we would add services as we become better at it, and remove services that we feel, do not sync with our overall corporate objectives. That being said, what we do can be surmised into the following categories:
Audit & Assurance
This is our lifeblood and core of what we do. Our audit plans include:
IT General Controls, Change Management, Application Audit, Network Security, IT Continuity and Software Development Life Cycle (SDLC).
We are constantly looking to add more audit programs under our umbrella, including mobile security and social media audit, to address the acceptance of the “BYOD” culture and corporate internet marketing.
Our compliance service is more focused to specific standards, including:
ISO27001 (ISMS), PCI-DSS, SSAE16/ISAE3402 (formerly SAS70), ISO20000, BSA Compliance, ISO9001 and ISO14001. We have also consulted on local compliances such as BNM’s GPIS 1: Guidelines on Management of IT Environment.
Under this service, we have also dedicated risk practitioners to help our clients through their risk management journey for enterprise (ISO 31000) or the more IT specific ISO27005.
We have a dedicated project management team, with requisite experience and certifications to immediately participate in projects as Leaders, Analysts or the entire PMO (project management office).
We have recently ventured into special services for technology, based on consistent requests from our clients. We now offer IT Forensics and Investigation; Penetration Testing and Vulnerability Assessments; and Business Intelligence and Analytics Consulting.