Enterprise Compliance Preparation2021-06-24T12:38:31+00:00

Compliance Preparation for Enterprise Companies

Compliance readiness and rapid change adoption across BUs is imperative in today’s heavily regulated information security sector. Our team is highly trained to evaluate your readiness to adapt and respond to new regulations and communicate them successfully across the entire organization. At the same time, we intend to highlight information security and operational security best practices. Our goal is to assist you to run an information security management system (ISMS) according to ISO 27001/ISO 27002 and align to other compliance requirements such as GLBA, FINRA, SOX, GDPR as well as SOC1 and SOC2. This includes defining and writing procedures, best practices and help with implementing organizational and technical controls that are mandated by ISO 27002 or NIST 800 series. We provide a fully tailored service according to your threat model, risk profile, and specific organizational issues.

Web application security and the development of information security practices inside an organization is a continuous and never-ending project. Pricing is developed as a plan where the client has access to PreCog Security’s engineers and staff of advisors, testers, reviewers, and implementers.

Enterprise Questionnaire

/10

1 / 10

Do you have a documented and available set of updated and current procedures for security and IT management in your organization? This includes documents on data integrity, business conitnuity, incident response, physical security, etc

2 / 10

Is there a person or IT team primarily responsible for managing security initiatives within your organization?

3 / 10

Do you have a prepared and tested Business Continuity/Disaster Recovery plan?

4 / 10

Do you have a prepared and tested Incident Response Plan (including handling, monitoring and reporting of the incident)?

5 / 10

Do you have an ongoing security training (security awareneess, email phishing, etc) specific for the employees responsibilities?

6 / 10

Are you performing vulnerability assessments, penetration testing and vulnerability management on information system assets (network, website, endpoints, servers, sowtware, web applicaitons,etc)?

7 / 10

Are you performing regular inventory of all IT assets (hardware and software)?

8 / 10

Do you manage the security and access restrictions of your wireless networks?

9 / 10

Are you employing anti-malware and other security controls such as firewall, data loss prevention, intrusion detection/prevention systems across your environment?

10 / 10

Are you compliant ready - do you have documentation and processes in place for the audit?