Creating procedures

The first step in establishing any organization’s security services and mechanisms is to formulate security policies.

Among them, the two most important ones must not be missing:

  • information security (Information Security Management System)
  • business continuity (Business Continuity Management System)

As part of the services provided, a team of our specialists develops and supports the implementation of dedicated procedures that meet the specific needs of customers.

Ask for an offer
Audits – compliance testing

Effective functioning of the introduced policies or procedures requires conducting audits to verify the correctness of the applied security measures in relation to the assumed requirements.

In addition, security audit is carried out to control compliance with defined standards, which are to ensure full data security in the organization. An experienced auditor carefully controls the functioning IT system. It indicates any non-compliance with the standards and issues appropriate recommendations that will enable the improvement of safety.

We carry out audits for compliance with the requirements of:

  • KSC – National Cybersecurity System
  • PN-ISO / IEC 27001 standard – Information Security Management System
  • PN-ISO / 22301 standard – Business Continuity Management System (BCMS)
  • Recommendation D of the Polish Financial Supervision Authority
  • Ministry of Climate – Recommendations for actions aimed at strengthening cybersecurity in the energy sector
  • KRI – National Interoperability Framework
  • R-CYBER-1/2021 – Recommendations of the Chancellery of the Prime Minister on cybersecurity for the water and sewage sector
Make an appointment for a RiskScope diagnosis
Tests as an assessment of the state of safety

As part of the tests, a process consisting in conducting a controlled attack on the company’s ICT system is carried out. Its purpose is a practical assessment of the current security status of this system, in particular the presence of known vulnerabilities and resistance to attempts to breach security. In addition to testing IT systems and infrastructure, we also conduct employees’ susceptibility to various elements of social engineering.

Test methods carried out:

  • Pentests
    Penetration tests reflect real hacker attacks that target company resources.
  • Socio-technical tests
    Periodic testing improves employee awareness and secures areas important for management.
  • APT tests
    Advanced Persistent Threat – Advanced Persistent Threat is a sophisticated cyber attack where an intruder establishes an undetected network presence to steal sensitive data over an extended period of time.
Knowledge base
How to create safe passwords on the Internet
Any information that is collected from customers or from other sources must be adequately protected in accordance with the GDPR.
Read more
Ask for an offer

Would you like to learn more about our offer or have any questions about specific solutions.Please do not hesitate to contact us.