Purposes and deliveries of this service:
With this service, we will help to check the client’s ability to defend cyber attacks on the information system.
Accordingly, we will conduct:
- Cyber-security Guidelines
- Assessment of Network Vulnerability
- Undertaking of Penetration Tests to verify whether IT controls are sufficiently robust to prevent, detect and recover from cyber-attacks.
Delivery of this service is a report that presents our verification opinion on the client’s cyber security status basing on the implemented procedures and our findings, if any, with according recommendations.
Clients of this service are companies whose operation depends very much on the online information network system.
The service is delivered with the following steps:
- Kick-off meeting: We discuss with the client to clearly understand the client’s specific demands and requirements, and then provide full explanation to the client about our approach and processes. We agree with the client about the objectives, scope of services, timing schedules, cooperation mechanism, lists of documents to be provided, significant procedures that need attention, … This step can be done through direct meetings or emails.
- Fieldwork (at clients’ offices): After studying the data and documents provided by the client, our experts will carry out necessary procedures, including: (1) reviewing related documents and conducting interviews to assess the procedures and policies applied by the client for the cyber security, (2) Review the IT system and business model to assess the network vulnerability, (3) Undertake Penetration Tests to verify whether IT controls are sufficiently robust to prevent, detect and recover from cyber-attacks.
- Prepare reports: We will prepare the reports as agreed with the client and then send them to the client for review and comment. Meetings will be followed to explain further about the reports.
- Advise the client: How to fix the weaknesses of their system?