Our Services portfolio is being offered broadly at the following levels that can help an Organization attain its business goals.

• Strategic level
  • Defining the Security Organization and providing guidelines
  • Defining the security framework and roadmap
• Tactical level
  • Manpower resources
  • SOC services
• Operational level
  • Complete information security  auditing including penetration tests, thorough application security audits, network audits, Systems Audits, gap analysis, recommendation and road map.
  • Designing and developing information security policies, procedures and work instructions

Information Security

Information Security is simply securing your information. As the name stands it is about business information and there is a myth that Information Security is an IT department responsibility. It is not. It is about the whole company, whole business. Information security deals with how far and with what controls you need to secure the information so that you do not overdo it or under do it.

The kind of controls to be incorporated depends on the business scenario and can be based on a Risks Management approach so that the cost of the controls does not exceed the cost of the asset itself.

We offer our Consultation in the following areas:

• ISO 27001
• ISO 27001 Gap Analysis and the Roadmap
• Information Security Policies & Procedures Formulation
• Risk Assessment
• Business Continuity Plan (BCP)
• Disaster Recovery Plan (DRP)
• Sarbanes Oxley Act (SOX)
• Health Insurance Portability and Accountability Act (HIPAA)
• PCIDSS

ISO 27001 Consultancy

ISO 27001 is an internationally accepted standard for information security. Nbiz infosl is capable of delivering consultancy services pertaining to ISO27001 and can also help organizations achieve this certification. It follows the same standard PDCA cycle as it is a process focused methodology.

ISO 27001 Gap Analysis And the Roadmap

To put it simply the Gap Analysis pertaining to the IS Security can be done in the following phases:

1. AS-IS - To analyse the current scenario and understand the IS environment after understanding the business goals.

2.To-Be- To identify and understand where the organization wants to reach in terms of its IS security goals derived from the corporate goals.

3.Planning - In order to reach the target as identified in step2 to provide the detailed planning and road map on how to reach the target in a realistic way. This step is the core of GAP Analysis step and the roadmap document provides the bleuprint of bridging the Gap between the ASi-IS stage and the To-Be stage.

4.Execution- To provide the resources and assistance wherever required in order to execute the steps as planned.

5.Montior and Continuously Improve- Providing the metrics and KPI in order to monitor the executed processesthereby continuously improve with the detailed analysis of the outcomes.

Nbiz can help the organizations in any of the above areas.

Information Security Policies & Procedures Formulation

Nbiz can provide the necessary resources and assistance in order to formulate the entire IS security prolcies and procedures.  We can also provide the complete knowledge transfer in order to operationalise the processes in the organisations.

Risk Assessment

The Risk Assessment pertaining to the Information Technology unit of a given organization can be performed as a seperate exercise.  We can follow the best methodology available in the market such as NIST standard, Cobit etc., depending on the requirements of the organization.

BCP/DRP

Today every business faces a very big challenge and lot of risks in order to just run their business operations in a smooth way.  BCP is a systematic way to address these challenges and provide the processes,procedures,policies and other necessary elements to ensure that businesss can run smoothly and to minimise the interruption to the maximum extent possible.  Its actually addressing the whole Business requirements and not IT element alone.  IT is an integral part like any other unit in the business.  Nbiz will help such companies to have a BCP and DRP in place so that companies do not have SURPRISES to meet and can focus on their CORE Areas than to be reactive whenever such SURPRISES occur.  Companies can be proactive and be Due Diligent in addressing such challenges and sustain their business.

SOX/HIPAA/PCIDSS

Nbiz can help comapnies in order to meet their regulatory,complaince requirements.   Regulatory requirements such as SOX, HIPAA etc., can be implemented with the help of our consultants.  Standards such as COBIT can be used in order to implement such controls requirements.  Nbiz has the expertise in providing consultancy services in these areas.