What we offer?
PCI DSS audit and consulting
Being Qualified Security Assessor (PSI QSA) and PCI Approved Scanning Vendor (PCI ASV) Company accredited by PCI Security Standards Council, we assist our clients with readiness in complying with the PCI Data Security Standard.
Penetration testing services
Our four most popular penetration testing services are Infrastructure, Wireless, Mobile Devices and Applications. There are three main types of penetration tests: Black Box, Grey Box, White Box.
ISO 27001 audit and consulting
We offer the following services: ISO 27001 compliance gap analysis, ISO 27001 implementation, ISMS internal audit in accordance ISO 27001, ISO 27001 compliance audit.
ISO 27032 Cybersecurity program
We offer the following services that help to enhance the ISMS and/or cybersecurity environment: Gap analysis in accordance with ISO 27032, Risk assessment in in accordance with ISO 27032, ISO 27032 Cybersecurity program development and implementation assistance.
SWIFT assurance and security services
We help our clients comply with the SWIFT security requirements through provision of a wide range of services including: audit of the 16 mandatory and 11 optional SWIFT controls, gap analysis of clients’ current state and development of a target state roadmap, review clients’ information security framework and propose additional improvements, assess the clients’ current IT controls in place in accordance with SWIFT security requirements, selection and implementation of SWIFT and third-party security tools, vulnerability scanning of all related SWIFT applications and interfaces
GDPR implementation and audit
The General Data Protection Regulation (GDPR) is the EU’s new data protection law that governs all businesses operating within the union and embed a more consistent approach to data protection. We assist the companies in complying with the requirements of GDPR.
Professional training and certification with PECB
As an Armenian partner of the Professional Evaluation and Certification Board (PECB), we organize professional qualification courses in the following areas: ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, ISO 27032 Lead Cybersecurity Manager, ISO 31000 Risk Manager.
System and Organization Controls (SOC 2/SOC 3) reporting
The SOC2/SOC3 are reports based on the Auditing Standards Board of the American Institute of Certified Public Accountants' (AICPA) and existing Trust Services Criteria (TSC).
Based on our range of services, we focus on the Common Criteria (which include Security) and/or the additional criteria in evaluation of clients’ Availability, Confidentiality, Processing Integrity and Privacy. We assist our clients in complying with Trusted Services Criteria – providing advisory and/or SOC2/SOC3 examination/attestation services.
SOC for Cybersecurity
We assist our clients in assessment of compliance with SOC cybersecurity requirements, which demonstrate that the organization has effective controls in place to detect, respond to, mitigate and recover from breaches and other security events.