Information Security Assessment for German Data Monetization Company

Problem Statement

The customer pursued CSA STAR certification and a review of its information security program to address investor and customer requirements on information security and cloud security.

Services Delivered

  • Conducted a comprehensive risk assessment, identified risks across the organization (Engineering, Facilities, Human Resources, IT Infrastructure etc.) and provided recommendations.
  • Reviewed SDLC practices, IT infrastructure setup, regulatory requirements etc. and identified opportunities for improvement.
  • Conducted Business Impact Analysis to identify critical services/products and business operations.
  • Provided CSA STAR Certification Readiness Assessment, identified gaps against Control Areas and provided recommendations.
  • Conducted Vulnerability Assessment and Penetration Testing (VAPT) for IT Infrastructure and Web Applications, identified vulnerabilities and provided recommendations for mitigation.

Value Provided

  • Customer received Silver Certification for CSA STAR
  • Provided the customer a single repository for risks, with controls mapping to ISO 27001, CSA STAR, NIST 800-53, COBIT 5.0
  • Identified critical products and services as well as recovery requirements as part of Business Impact Analysis
  • Enhanced security posture by identifying security flaws in areas such as authentication, authorization, session management, input validation etc. in applications and infrastructure
