The implementation of industrial standards and best practices in information security facilitate the organization in streamlining the internal processes and technologies, resulting in safeguarding of organizational assets, continuous operations, increase in the efficiency and overall business.
Valiant ensures that the gaps and weaknesses in the ongoing processes, technical configurations and operations are well identified and acted upon in a timely manner. These audits may or may not be against any particular standard but covering various best practices and standards which are best suited for that business and organizational IT infrastructure.
A comprehensive assessment of the existing Security Audit will be undertaken, including a review of the various IT processes and procedures within the organization. Global best practices such as ISO 27001:2005, COBIT, TCSEC, ITSEC, ISO 15408 (where appropriate) and ITIL v3 will be considered as bench marks for comparison. As we gather more insights into the security policy and architecture of the client organization, it is likely that we might consider using COSO, ISO-31000 (on an as-is-where-is basis) and ISSAF also as possible standards to benchmark the security architecture, policies and processes.
The approach to this phase is divided into sub components and it is given in the following schematic.