Risk Assessment and Policy Development - STIGroup conducts a review of your business processes and the associated information flow is conducted in order to establish the risk to the business represented by current and anticipated threats to the security of your information. By clarifying the risk, information sensitivity and criticality levels are defined that form the basis for development of an effective Information Security Policy. A formal Information Security Policy is then developed which defines the controls, both technical and procedural, that ensure the confidentiality, integrity, availability, and accountability of the information within your organization.

• Business Process Review
• Data Flow Analysis
• Information Security Threat Analysis
• Regulatory Requirements Review
• Policy Gap Analysis
• Information Classification
• Administration Policy
• Assurance Policy
• Usage Policy
• Incident Response Procedure

Audit and Vulnerability Analysis - STIGroup conducts a thorough analysis of your systems and associated processes to measure their resistance to internal and external threats. All aspects of your technology environment are reviewed and tested for compliance with industry-specific regulations as well as existing corporate, partner, and/or customer standards and policies. The deliverables from this phase of the process emphasize the structuring and prioritization of recommendations for addressing identified threats and achieving compliance with existing regulations, standards, and policies.

• Internet Penetration Test
• War Dialing
• Infrastructure and System Configuration Audit
• VoIP Security Audit
• Application Security Audit
• Vulnerability Scanning
• Wireless Network Audit
• Policy & Procedure Audit
• Regulatory Compliance Audit