Techrizon offers the following Information Security solutions:
Standards Based Assessment
The Standards Based Assessment (SBA) is a full spectrum assessment that addresses not only the technical issues of risk management, but also assesses the compliance and people aspects of the information security process. The SBA provides a comprehensive evaluation of the overall risk posture of an organization, identifying deviations between an organization's current information network security and the 127 requirements of the ISO 17799 standard.Technology Based Assessment
The Technology Based Assessment (TBA) focuses on the technical aspects of risk management and provides a first-step approach to information security. The TBA concentrates on vulnerabilities that are associated with your computer hardware, software, and network connectivity. This solution offers companies a cost effective means to address the technical issues surrounding information security, which can account for up to 70% of an organization's vulnerabilities.
After Action Review
The After Action Review allows organizations to update their initial risk assessment with a re-evaluation as often as needed for up to 18 months following a Technology Based Assessment or a Standards Based Assessment. The After Action Review allows organizations to stay current as their information network changes. This approach provides a cost effective means for organizations to extend their information security protection period.Penetration Testing
Penetration testing involves security-oriented probing of a computer network to identify vulnerabilities that an attacker could exploit. The testing process involves an exploration of all external security features of the system, followed by an attempt to penetrate security and gain access to the system. Testers use the same methods and tools as a real attacker. Afterwards, the penetration testers report on identified vulnerabilities and recommend steps to make the system more secure.Branch Assessment
Branch Assessments are performed on targeted branch locations, identifying vulnerabilities specific to the areas of Personnel Security, Business Continuity Management, Physical and Environmental Security, and Organizational Security.
Techrizon Uses a Four Phase Risk Assessment Process
Information Gathering includes - Review policy and procedures, obtain network access, approve scope of work, assign primary contacts, establish baseline standards, and collect information / data.
Vulnerability Analysis includes - Identify assets, create test procedures, perform tests (consisting of scans, interviews, and observation), identify vulnerabilities, assign risk levels, identify countermeasures, estimate remediation costs, and develop recommendations.
Risk Assessment includes - Assess vulnerabilities, prioritize vulnerabilities, and assign criticality levels.
Documentation includes - Preliminary findings brief, risk assessment report, and formal management brief.
