Consulting and Professional Services

Information Security Governance

The Information Security Governance is fundamental to permit the objectives are achieved. Consists of several structures of relationships and processes, integrates corporate governance of companies. Information Security Governance of [SAFEWAY] meets the necessary tools to ensure the security of your company through the adoption of policies, controls and best practices such as ISO / IEC 27001, COBIT, ITIL and ISO / IEC 20000.

  • Logical Structureand Functional
  • Master Plan
  • Metrics and KPIs
  • Processes and Workflows
  • Management and Risk Analysis
  • Compliance Management

Security Architecture

The establishment and maintenance of Security Architecture is essential for the Security Information Management.Policies, standards and procedures should be reviewed, updated and disseminated.Compliance guidelines should be ensured through processes aligned to the infrastructure and business model.

  • Policies, Standards and Procedures
  • Awareness and Training Campaigns
  • Security Baseline and Hardening
  • Parameterization Technology
    • Endopoint
    • Web
    • Database
    • Identity
  • Perimeters Insurance
    • VPN
    • Intrusion Detection System-IDS
    • Data Loss Prevention-DLP
    • Tokens
  • Multifunctional

Business Continuity Management

Minimize the impact of eventualities that may affect its operations.

By managing the creation, maintenance and execution of the business continuity plan, from a cyclical and continuous process, you protect all operations and company information. Mitigate risks that may impact their business with the definition and implementation of effective and efficient strategies.

  • Risk Analysis
  • Impact Analysis Business (BIA)
  • Contingency Office
  • Processes of BCM
  • Recovery Strategies
  • Business Continuity Plan (BCP)
  • Operational Continuity Plan
  • Disaster Recovery Plan (DRP)
  • Crisis Management Plan
  • Emergency Response Plan
  • Crisis Communication Plan
  • Recovery Plans
  • Training
  • Tests

Identity and Access Management

Control accesses to efficiently systems with Identity and Access Management (Identity and Access Management). Essential to your business, manages the entire lifecycle of digital identity of users.

  • Logical Access processes (Concession, Revocation, Modification, Suspension, Restoration, Review and Password Recovery)
  • Bottom-Up Analysis
  • Top-Down Analysis
  • Segregation of Duties Analysis
  • Definition Roles and Functions
  • Access Profile Design
  • Identity and Access Management Tools

Security, Vulnerability and Fraud Management

Eliminate small problems before they become large and complicated questions. The Security Management, Vulnerability and Fraud actively analyzes through monitoring activities, risk mitigation and attacks in the IT environment.With reporting for audit and compliance, facilitates taking actions in order to protect the organization from fraud and threats.

  • Forense Analysis
  • Data Analysis
    • AntiFraud
    • Journal Entries
    • Computer Assisted Auditing Techniques (CAAT)
    • Correlating Events
  • Vulnerability Management
  • Information Security Diagnosis
    • Social engineering, desk and clear screen, assessment of knowledge
    • Gap Analysis /Walkthroughs Architecture of IS X real processes X frameworks/norms/standards
    • Vulnerability Analysis and intrusion testing for infra and applications.
  • PCI
    • Evaluation/Remediation QSA
    • Evaluation/Remediation ASV
  • SAP Security Check

share on