OUR SERVICES
Information Security and Cybersecurity

GRC – Governance, Risk, and Compliance

Less risk exposure

One of the fastest-growing areas at PalConsulting is Information Security and GRC. Increasingly, organisations of all sizes are prioritising the security of their information and striving to remain compliant with relevant regulations. They now recognise these services not merely as obligations but as strategic business tools—tools that often ensure the continuity of their operations.

Our Services

We stay with you as long as necessary. Beyond analysis and diagnosis, we are an implementation-focused consultancy company.

We implement with you:

NIS 2 Compliance
Information Security Roadmaps
Information Security Frameworks
CISO as a Service
Business Impact Analysis (BIA)
Business Continuity Plans (BCP)
DORA Compliance
GDPR Implementation
ISO 20000
ISO 27001
ISO 27005
Cybersecurity Frameworks (NIST – National Institute of Standards and Technology)

How we help

1. INITIAL ASSESSMENT AND GAP ANALYSIS
  • Identification and assessment of vulnerabilities and of real business risks. Gap analysis between the as-is situation and framework requirements.
2. DEVELOPMENT OF SECURITY AND GOVERNANCE PROGRAM
  • Development of a security and governance program, covering the framework definition and the assignment of responsibilities.
3. IMPLEMENTATION OF ISMS
  • Implementation of an Information Security Management System, including the definition of policies and procedures and the supporting technological controls.
4. PREPARATION FOR CERTIFICATION AND FOLLOW-UP
  • Preparation for certification and follow-up through compliance validation and the implementation of corrective actions.

Case studies

Maturity and Compliance Assessment with ISO27001
Sector: Public | Geology

Detailed evaluation of LNEG's current information security situation. Analysis of its maturity level and presentation of a transformation plan identifying the main initiatives to be implemented to ensure compliance with the ISO 27001, 27002 and 27005 frameworks.

Implementation of Information Security Management System (ISMS)
Sector: Public | Aviation Control

Assessment of the initial situation and evaluation of the client's maturity for the implementation of an Information Security Management System compliant with ISO27001, NIST and GDPR, and aligned with the company's digital transformation strategy.

GDPR Compliance assessment
Sector: Public | Education

Assessment to characterize the initial maturity level and define a transformation plan to ensure compliance with the General Data Protection Regulation (GDPR).

GDPR Compliance quick assessment
Sector: Sports

Quick assessment to identify non-conformities, characterize the maturity level and define improvement actions to ensure compliance with the General Data Protection Regulation (GDPR).

Process re-engineering and identification of risks and controls based on operational and information security risks
Sector: Insurance | Life Insurance

Operational support for the documentation of business processes and their risks and controls, considering different risk types (Information Security, Compliance, Operational Risk), through the application of a methodology for gathering information on how internal processes are implemented, reviewing them and identifying opportunities for improvement.

Implementation of the Risk Management Model and GRC Solution
Sector: Insurance | Life Insurance

Definition of a Risk Management Model and implementation of its Governance, Risk & Compliance solution in an insurance company in Spain. In this project we were responsible for process design, risk characterization (Operational and Information Security risks), definition of the top 10 risks, definition of dashboards and ensuring GDPR compliance.

Installation, Configuration and Training of a GRC Solution
Sector: Public

Installation, configuration and training of an Internal Control Software, in Dubai, considering different topics of a Risk Management Global Model, within the components of Risk Management (Information Security, GDPR, Operational and Compliance), policies, procedures, regulations, incidents and Internal Audit Process.

Get in touch

Come and visit our quarters or simply send us an email anytime you want. Your contact brings us together.
Address
Edifício Tejo
Rua Qta. do Pinheiro 16,
2790-143 Carnaxide
Call us
+351 218 622 040
Email
geral@palconsulting.pt