Security Audit is a consulting and data network evaluation that detects the potential of vulnerabilities from the information flow within the company, as well as the one from the relationship with external customers.
Security Audit has the following options:
- Consultancy for Obtaining Certification for ISO 27001:2005 - Consists in activities developed with the team assigned by the beneficiary to implement a system management of security information (SMSI);
- Penetration Testing service - Consists in evaluation the system security, application, network or defined infrastructure (the target evaluation) evaluation which is under customer responsibility by simulating an attack on them. This process involves an active analysis of target assessment to discover and even exploit its vulnerabilities, to determine the probability and the impact of an attack from an entity with harmful intentions. Romtelecom proposes organizational and technical measures in order to reduce the risk of an attack on business;
- Vulnerability Assessment - Consists in activities of identifying, quantifying and prioritizing the vulnerabilities of IT system (computers, networks, and communications). In this context, the vulnerability represents a system weakness which can affect confidentiality, integrity or availability of information / data system if it is exploited by a person with harmful intentions;
Benefits:
- maximize profits and organizational perspective;
- providing increased confidence to customers and business partners;
- giving managers a better control over information flows within the organization;
- competitive prices;
- offering the possibility to meet all the eligibility conditions in auctions where ISO 27001:2005 certification is one of the criteria;