GRC Services
Compliance Workshop
Compliance Workshops are designed to provide examples of potential leaks, privacy and regulatory risks in organizational data within Modern Work environments. Through this workshop, find compelling ways to remediate risk, identify deviations from common corporate policies using Microsoft 365 E5- associated technologies.
Policies & Procedures Development
Suraksha’s policies and procedures development and maintenance gives you the confidence that your work force, suppliers and partners are aware of your stance and position with cyber and information protection. ISMF, ISMS, Organisation, Asset management, Personal safety, Physical environment security, Communications and operations, Access controls, System development and maintenance, Risk assessment and treatment and compliance requirements policies and procedures with updates is a critical service that Suraksha provides.Suraksha’s policies and procedures development and maintenance gives you the confidence that your work force, suppliers and partners are aware of your stance and position with cyber and information protection. ISMF, ISMS, Organisation, Asset management, Personal safety, Physical environment security, Communications and operations, Access controls, System development and maintenance, Risk assessment and treatment and compliance requirements policies and procedures with updates is a critical service that Suraksha provides.
Threat & Risk Management
ISO 31000, ISO 27002, 27003 family based TRA. Suraksha audit outcomes will provide an active threat map and mitigation recommendations. A solution can be put in place using Suraksha’s continuous monitoring to manage real time risks.
Risk Services
Suraksha’s world class risk services provides you with real time upto date risk profiles to manage your business and mission critical risks. Risk maps, risk registers, risk treatment plans, mitigation plans and control frameworks for cyber protection.
3rd Party Assurance services
Times are changing and the business world is seeing new and growing delivery models. The rise of service-orientated architecture whether it is outsourcing, cloud computing or shared service centres is also increasing the need for trust and transparency around those services. Privacy and security concerns around the handling of data are also high on the agenda. In the financial services sector there is also the added pressure of regulatory change which in turn drives the demand for greater and more frequent assurance.
If your organisation provides such services and your customers’ control environment is dependent on your systems, procedures and controls then it may well be in your best interests to provide a report on your internal controls so that you can demonstrate that you are doing the right things and doing things right. Moreover, in today’s rapidly changing and increasingly regulated world your customers or your future customers may demand it.
We have extensive experience in assisting service organisations to report on their controls and can help you determine the most appropriate solution for your organisation. Whether it is an ISAE 3402, SSAE 16 of AAF 01/06 report you need to know more about or your customers are wanting to know how you match up to ISO 27001 we can help. Our flexible approach coupled with our unrivalled experience in a number of sectors means that we can help you tell your customers about your control environment and tell you how it might be improved.
Risk audits to identify: Weakness in SCADA, Insecure OT networks, Weak protections, device level, device to device, device in a network and network to network risks and mitigation strategies and control recommendations will be provided.