Information security audit

Design, creation, implementation and service of the complex data protection systems:
  • analysis of the progress on ensuring the information security (capabilities, needs);
  • design, implementation and service of the confidential records management systems (confidential workflow);
  • development of the advisory set of measures to ensure the information security;

Ensuring the organizational information protection:
  • analysis of the existing documents, regulating the information security;
  • development of the basic templates of the information security documents (amendments to the Charter, Regulation on the information security, List of information, constituting the business secret, Regulation on the business secret handling procedures); follow-on revision of the information security documents subject to the special natures of the customers’ records management;
  • development of the employee job descriptions;
  • development of the regulations for the work of persons responsible for the information security.

Ensuring the software and hardware data protection:
  • audit of the network security;
  • development, implementation and service of a set of measures to ensure data protection in LANs;
  • setup of the anti-penetration protection systems (software and hardware firewalls, notification systems);
  • setup of the antiviral protection;
  • setup of the control systems and record of access to the information resources (Internet, printing, file resources, databases, including 1C, e-mail, telephony);
  • setup of the system for online control over the user actions;

Ensuring the engineering information security. ·