Risk exposure to corporate information assets grows in silence, in the shadow. Over years incidents occurred, setting computer systems unavailable, corrupting valuable information, exposing confidential information, and resulting in major impacts and loss of revenues to organizations.
When caution arises over its danger the time to question also begins: Where are the major vulnerabilities? What can be the impacts? Which impacts may be accepted? What to protect? How to protect? How to prevent risk occurrence? How to introduce the security and risk attitude? What are the obligations? How to set up governing control objectives? How to ensure compliance to these objectives?
BuSI can help you in addressing this specific domain; for this purpose, BuSI has developed a complete offer in the security domain.
The BuSI team, composed of engineers certified in ISSM, in IRM and in IT security practice can offer you a large panel of IT services and can specifically help you:
The services BuSI can offer you are described as follow:
With a team of several engineers certified CISM, ISO 27799, ISO 27005, ITIL, CMMI, COSO, COBIT, ValIT, EBIOS, RiskIT, ISO19011 and members of ISACA and BISI for certain, the BuSI security Competence Center can address the majority of the topics related below:
The missions or projects in this domain can be covered by « Advice », « Audit », « Assessment », « Project in fixed price », « Training », « Coaching » or by a combination of one or more of this means.
The manner to operate consist in the following steps:
The sizing of the « Security package » depends on the domain to address, the type of services required, the level of requirements and the architecture complexity.
All the missions are largely documented; for example:
The certification of the engineers in several GRC disciplines and the successful projects or missions in the largest companies is the best quality gage. The fact that they can train, certify and coach the customer team is the second relevant quality and confidence warranty.