360GRC will perform an annual risk assessment of your technical environment. The risk assessment results will also provide information that management needs to develop, maintain and test an effective Business Continuity Plan for use in the event of a business disruption.
IT Vulnerability Assessments
In addition to the annual risk assessment process, 360GRC will perform frequent and extensive vulnerability assessments of the following areas:
- Firewall Security
- Router Security
- Web Server Security
- Application Security
- Wireless Security
- Database Security
- Telecommunication Security
- Operating System Security
- Password Strength
- Desktop Security
- Intrusion Detection Systems
- Network Traffic Analysis
Is your organization planning to be ISO/IEC 17799:2000 and BS 7799-2:2002 certified? These standards require that an effective continuous monitoring approach be implemented.
- 360GRC's methodology is based on the BS 7799/ISO 17799 (Plan, Do, Check, Act) framework.
- Organizations that adopt the C.A.M. approach are equipped with an effective security process that will lead towards ISO/IEC 17799:2000 and BS 7799-2:2002 certification.
Deliverables
Executive Summary: This report summarizes for management the audit objective and scope, the testing approach and results, and the potential implications for your organization.
- Heat Map: This is a brief document summarizing each area reviewed with its respective color-coded risk classification. This will provide you with a visualization of your organization's strengths and weaknesses.
- Rating: Each area we test will be evaluated using a risk-based formula that measures impact to the organization and likelihood of occurrence. Quantitative measurements will give management a better perspective on which areas are better controlled than others.
Detailed Technical Report: This report is intended to help the IT staff understand the risks involved, and covers:
- The processes and systems evaluated.
- Testing methodology and approach.
- Control deficiencies.
- A sound and cost-effective solution that will mitigate the risk to a level that is acceptable to the organization's guidelines.
Progress and Benchmark Report: This report is issued after follow-up audits of systems previously reviewed and will illustrate to management:
- The degree of corrective action implemented to mitigate or eliminate reported risks from prior audits and assessments.
- Differences between prior and current audit results presented in graphical and narrative formats.