 |
 |
 |
 |
|||||||||
 |
 |
 |
 |
|||||||||
 |
 |
 |
||||||||||
 |
Information Security Consulting Surety Partners provides a comprehensive set of security services to enable Clients to improve and manage the information security: Security assessments – Surety Partners performs a detailed evaluation of the Client's current information
systems infrastructure: systems, networks, policies and processes. The result is a snapshot of the Client's
security posture detailing the vulnerabilities discovered and the risks to the organisation, along with
recommendations of the measures required to achieve effective security. For the Client first approaching
information security, an initial security assessment establishes a baseline from which an effective security
policy and management process can be built.
Confidential Ó2002, 2003 Surety Partners Inc.
Surety Partners also provides a follow-on security audit service where our professionals return to a Client
site periodically to test the effectiveness of the security measures and processes in place and the Clients
adherence to its security management programme. These audits provide the Client with an updated
snapshot of their security posture and metrics to improve the security management programme
Application security design assessment – This service for software houses provides a diagnosis of the
present state of security implemented within software applications whether still in the design phase or
already deployed. Security vulnerabilities arising from architectural and design or coding practices are
identified and corrective measures recommeded.
Security policy development – Corporate security policy is the centre around which managed security is
built. Surety Partners works with the Client to develop security policies; establish the supporting
operational process; and instatutionalise an awareness program that meets the needs of the organisation
and that can be maintained and evolved by the Client.
Security process consulting - Surety Partners views security management as a business process, and not
merely a collection of technical issues. Drawing upon both our security and software process improvment
backgrounds, Surety Partners is unique in its CMMI-inspired approach to information security
management. The result is an effective operational security management programme which aligns with a
Client's business strategy and continuously improves as the corporation evolves.
Security training – From designing in-house security awareness programs for specific Clients, to technical
topics such as security for network & UNIX administrators, Surety Partners is developing a variety of
courses to impart our Clients, and IT professionals at large, with the knowledge needed to employ better
security practices in their day-to-day operations. Courses can be delivered in-house on the Client's
premises or hosted by Surety Partners. Surety Partners is also developing both technical and security
process management courses to be offered through the Information Technology Centre (ITC) at the
University of New Brunswick.
|
 |
||||||||||
|
||||||||||||
 |
 |
|||||||||||
 |
 |
 |
 |
|||||||||
