What we offer?

Cyber.jpgPCI DSS audit and consulting

Being Qualified Security Assessor (PSI QSA) and PCI Approved Scanning Vendor (PCI ASV) Company accredited by PCI Security Standards Council, we assist our clients with readiness in complying with the PCI Data Security Standard.

Penetration testing services

Our four most popular penetration testing services are Infrastructure, Wireless, Mobile Devices and Applications. There are three main types of penetration tests: Black Box, Grey Box, White Box.

ISO 27001 audit and consulting

We offer the following services: ISO 27001 compliance gap analysis, ISO 27001 implementation, ISMS internal audit in accordance ISO 27001, ISO 27001 compliance audit.

ISO 27032 Cybersecurity program

We offer the following services that help to enhance the ISMS and/or cybersecurity environment: Gap analysis in accordance with ISO 27032, Risk assessment in in accordance with ISO 27032, ISO 27032 Cybersecurity program development and implementation assistance.

SWIFT assurance and security services

We help our clients comply with the SWIFT security requirements through provision of a wide range of services including: audit of the 16 mandatory and 11 optional SWIFT controls, gap analysis of clients’ current state and development of a target state roadmap, review clients’ information security framework and propose additional improvements, assess the clients’ current IT controls in place in accordance with SWIFT security requirements, selection and implementation of SWIFT and third-party security tools, vulnerability scanning of all related SWIFT applications and interfaces

GDPR implementation and audit

The General Data Protection Regulation (GDPR) is the EU’s new data protection law that governs all businesses operating within the union and embed a more consistent approach to data protection. We assist the companies in complying with the requirements of GDPR.

Professional training and certification with PECB

As an Armenian partner of the Professional Evaluation and Certification Board (PECB), we organize professional qualification courses in the following areas: ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, ISO 27032 Lead Cybersecurity Manager, ISO 31000 Risk Manager.

System and Organization Controls (SOC 2/SOC 3) reporting

The SOC2/SOC3 are reports based on the Auditing Standards Board of the American Institute of Certified Public Accountants' (AICPA) and existing Trust Services Criteria (TSC).

Based on our range of services, we focus on the Common Criteria (which include Security) and/or the additional criteria in evaluation of clients’ Availability, Confidentiality, Processing Integrity and Privacy. We assist our clients in complying with Trusted Services Criteria – providing advisory and/or SOC2/SOC3 examination/attestation services.

SOC for Cybersecurity

We assist our clients in assessment of compliance with SOC cybersecurity requirements, which demonstrate that the organization has effective controls in place to detect, respond to, mitigate and recover from breaches and other security events.


list item with text on the right

Grant Thornton is the Armenian partner of CyBourn global cybersecurity company

list item with text on the right

Grant Thornton is accredited as a member of CREST

list item with text on the right

Grant Thornton is approved SWIFT Accredited Security Auditor

list item with text on the right

Grant Thornton is PCI Approved Scanning Vendor (PCI ASV), accredited by PCI Security Standards Council

list item with text on the right

Grant Thornton is PCI Qualified Security Assessor Company (PSI QSA), accredited by PCI Security Standards Council

list item with text on the right

Grant Thornton is approved as a PCI 3DS assessor, as well as a PCI Qualified Pin assessor