Our Analyst team can perform third party Information Risk Assessments for Security controls, to identify significant risks to the organization, identify potential Technology risks and recommend solutions.
* Partner with the business and technology to review cyber security risk findings identified through the Third Party risk assessment.
* Provide risk finding recommendations that the business and Third Party Suppliers may implement to mitigate identified finding gaps.
* Evaluate vendor responses to ensure that remediation plans and tasks adequately address identified control gaps.
* Work with the Third Party Risk team to ensure that risk findings are clearly articulated in a manner that is understood by the business and the Third Party Suppliers.
* Coordinate with stakeholders to implement assessed solutions, document over-arching processes, work with internal stakeholders to enhance existing processes, and track remediation of findings and reporting.
* Document the Third Party risk assessment and remediation processes.
* Assist the business and technology groups through the DTCC processes.
* Develop and standardize reports to meet stakeholder requirements (e.g. senior management reports, detailed reports etc.)
We are one of the ERP system development pioneers. We have organized a team of IT professionals and subject matter experts who can define project roadmaps and engineer workflows to produce on-time quality deliverables, customized process development, agile end-to-end ISMS process, Scrum modules, IT audit and GRC components.
Product re-engineering, Security Compliance and Testing, IT Support Customization, SOP, Risk Assessment and Control Audit are our areas of expertise.
We also provide Governance Services in Cloud Security, Risk rating, GDPR, Database / system administration, System Integration, Business Analysis, SAP functional and technical administration.
We will work with internal stakeholders to document any instance of policy noncompliance, write SOPs, SAP, SSP, SAR, recommend remediation plans and track them to closure.
We provide classroom training and on-site training on the latest Information Technology Security Awareness, Business Continuity and Disaster Recovery planning, and other related areas in the IT field. We have designed training for all levels of professionals, from management and senior-level consultants to new college graduates and beginners in the industry looking for a career change.
Our one-on-one competency-based training concept is aimed at helping our consultants deliver excellent services to clients with up-to-date technology know-how.
We provide career development, advancement, and transition advice in Interpersonal Skills with interview tips to our budding IT consultants, application developers, database administrators, software engineers, project managers, and cloud implementation experts.
The quality of our services is defined by proven standard engineering processes and enterprise adherence to ISO 27002 or 17799, NIST, PCI, FedRAMP, SOX, HIPAA, GLBA and SOC 1 & 2 focused priorities for continuous process improvement.
Our white-glove business model offers superior synergistic skills and outstanding IT consulting experience. Our business model in providing quality services and professionally designed Business and resources ergonomic outlook is derived from industry controlled standard procedures with continuous monitoring throughout the production life cycle (SSDLC).
We provide our clients with the best in IT GRC managed by ISMS subject matter experts. Our team is dedicated to delivering dependable business solutions that exceed most client expectations. We understand the importance of security in today’s market, and the agile performance required in technologies and tools.
Today, every organization is driven by Information Technology and is heavily reliant on IT expert functions. The need for IT professional services has reached a pitch that Computoss Technologies can act as a one-stop shop for all.
We specialize in both long and short term contract engagements in providing IT Consultants and Subject Matter Experts (SME). Additionally, our staffing solution can provide candidates for recruitment to meet clients' needs.
Our solutions specialists will work with businesses to place the best candidates that meet their needs.
Our Security Governance Risk & Compliance team will:
• Work with Subject Matter Experts to gather information, design, and write Policy & Standard documentation.
• Research, analyze, and document Information Security internal processes, software applications, industry/regulatory framework and technical tools to deliver documentation that is accurate and complete.
• Use advanced technical writing knowledge to write and maintain new/revised procedures.
• Assess internal processes and make recommendations to streamline procedures to reduce risk
• Ensure documentation is in compliance with corporate standards, established guidelines, and easily understood by the end-user
• NIST 800-53, NIST Cyber Security Framework, ISO 27001, ISO 27002, GDPR, PCI, SOC, SOX, FedRAMP, HITRUST, HIPAA, and Cyber Essentials framework
• Review the Privacy & Security Portfolio and identified gaps from Industry/Regulatory Frameworks.
• Create new documents that are needed in the Portfolio.
• Partner with P&S Leads to work with Domain SMEs on annual review of their documents.
• IT Audit and Enterprise Risk Management (ERM)
• Manage FedRAMP program – SSP, SAP, SAR, RAR, POA&M, Assessment readiness & facilitation
• Perform security audits, risk assessments, Business Impact Analysis (BIA) and control gap assessments against Splunk common controls framework.
• Review policies, standards and methods for accuracy and applicability to required regulatory and compliance areas.
• Develop dashboards and metrics for measuring efficacy of implemented controls
• Document and perform walkthroughs of key processes, vulnerabilities, risks, controls, and develop testing procedures.