We make sure that we understand your requirements and then create the solution that is right for your needs. We use industry-accepted methods and standards for security, privacy, risk management, project management, solution design and infrastructure management.
Methods
- ISO 17799
- ISF Standard of Good Practice
- COBIT
- ITIL
- TRA (CSE, RCMP, MBS)
- PIA (TBS, MBS)
- Privacy Diagnostic Tool
- SDLC: Waterfall, RUP, OOAD
- PMBOK
Standards
- ISO 13335 (GMITS)
- ISO 7498-2
- NIST SP 800 reports
- ITU X.805 & ITU E.408
- NIST/DISA STIGs/checklists
- Common Criteria Protection Profiles
- CIS & NSA benchmarks
- Vendor guidelines
We are aware of applicable laws, regulations and rules such as PCI, SOX, Bill 198 & MI 52-109, CPA, PIPEDA, FOIPP, PHIPA, HIA, FFIEC, Basel II, GLBA, FTC, CRTC, SB 1386 and similar, HIPAA and 21 CFR Part 11. We are also part of communities such as (ISC)2, ISACA, CIS, HTCIA and IAPP.