-
Description
- (1)Cybersecurity Audit
- We help business to defend against unknown and build cyber resilience from inside out. Our cybersecurity audit provides an overall understanding of security implementation in the organization. IT governance and operation management with technical security controls and implementation would be reviewed to identify any cybersecurity risk within the organization. Audit criteria might reference to the ISO 27001 Information Security Management System, NIST Cybersecurity Framework, HK ISPG-SM01 Security Risk Assessment and Audit (Formerly known as G51), and other international requirements.
- (2)Technical Cybersecurity Assessment
- Technical assessment would be carried out to identify technical and security flaws in the IT environment. Our solution and testing scope would be designed by our certified professional as to provide confidence in the adequacy and coverage. We provide wide range of technical assessment services which include but not limited to:
- 1、Vulnerability Assessment and Management Program
- 2、Web / Mobile / App / Network Penetration Testing
- 3、Mock Phishing Assessment
- 4、Technical Architecture Review and Performance/ Load Test
- 5、Static Code Review
- 6、IT Forensic and Security Incident Assessment
- (3)Privacy Impact & Compliance Assessment
- Data subject right, cross-border information transfer, personal data safeguard would be reviewed by our privacy expert. We evaluate and analyze the privacy control design and validate the implementation to identify any incompliances in accordance with the applicable privacy regulation across the globe. These regulations might include:
- 1、HK - Personal Data (Privacy) Ordinance
- 2、CN - Personal Information Protection Law (PIPL)
- 3、EU - General Data Protection Regulation (GDPR)
- 4、US - California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
- 5、Other privacy acts
