Risk Management

• Risk Assessment
• ISO 27001, GLBA, HIPAA, DPA,FISMA, BS 25999
• Software Asset Management

PCI Compliance

• QSA Validation Services
  (PCI-DSS)
• ASV Scanning Services
• PA DSS Validation Services
  (PA-DSS)

Technical Security Services

• Application VA and Pen Test
• Secure Code Review
• Network VA and Pen Test
• Forensics

ISO 27001, GLBA, HIPAA, DPA,FISMA, BS 25999

ISO 27001

Information is critical to operate the functions and maintain the continuity of the business. ISO/IES 27001 certificate helps organization to manage and protect the valuable information assets and give confidence to customers.

We provide professional consultancy services as per the ISO 27001 standard. Our highly experienced and dedicated team provides easy to implement methods and artifacts to help organizations comply with the standard in a very structured manner and attain certification. We also leverage our ISO 27001 consulting knowledge with SMART tool (www.sisasmart.com) for automating the ISO 27001 Compliance.

BS 25999

"80 % of the Organizations without a Business Continuity/ Disaster Recovery Plan is not able to survive after the disaster'.

Continuity of operations in most challenging and unexpected circumstances, whether due to a major or minor disaster, is a basic requirement for any organization. BS-25999 is the world's first standard for business continuity management (BCM) developed by BSI. It helps organization to maintain the continuity of the mission critical operations and quick recovery at the time of disaster.

We designed Business Continuity and Management System to help organizations to continue their mission critical process and operations during the most challenging and unexpected circumstances. Our superior methodology provides practical parameters (imaginary scenario) to the organization to assess the business impact and way to steady and fast recovery at the time of negative occurring.

GLBA

The Graham-Leach-Bliley Act (GLBA) requires financial institutions to secure the private financial information of customers. The law instructs financial institutions to secure and protect customer's private financial information against any anticipated threats of hazards.

Our expertise in audit and consultancy helps financial institutions to perform their information security task to meet GLBA obligations.

DPA

Data protection Act is the legislation that governs the protection of personal data. All organizations those store or processes personal information of customers must comply with Data Protection Act. To comply with DPA is legal requirement.

Our experienced Data Protection consultants help organizations to assess the current level of compliance, determine the gaps and keep organization compliant thereafter.

FISMA - Federal Information Security Management Act

FISMA was established in order to develop a range of crucial security guidelines and standards as required by Congressional legislation. The act recognized the importance of information security to the economic and national security interests of the United States Initially. FISMA consists of a set of directives governing what security responsibilities federal entities have, and it outlines oversight and management roles to the implementation of those directives. FISMA compliance is only mandatory for organizations that handle federal data. FISMA is a law and is enacted under the United States Federal Law of 2003, under the E-government act.

The paperwork involved in FISMA compliance is significant (particularly in the area of compliance assessment). SISA has been associated in guiding customers from all over the world in implementing the standards and guidelines for ensuring compliance with FISMA. With our extensive experience in information security and implementation of guidelines for various standards, SISA has the ability to guide and help customers implement the standard.

HIPAA - Health Insurance Portability and Accountability A

HIPAA seeks to establish standardized mechanisms for electronic data interchange (EDI), security, and confidentiality of all health care-related data. The Act mandates: standardized formats for all patient health, administrative, and financial data; unique identifiers (ID numbers) for each health care entity, including individuals, employers, health plans and health care providers; and security mechanisms to ensure confidentiality and data integrity for any information that identifies an individual.

The HIPAA security rules force health care firms to protect sensitive health care information. The identity of the data owner has to be safe guarded more than the data by itself. The security rules should guard against identity theft and data security breaches. The SISA team understands the practicalities in safeguarding such sensitive information and is committed to helping the health care and related communities provide better services effortlessly.