Involta Risk Assessments identify gaps in meeting compliance objectives and recommend practical measures to align business practices with specific compliance and business objectives including: 

 

Industry standards of good practice, such as ISO 17799, NIST, and COBIT serve as the touchstone for Involta's efforts to improve your business. 

 

Regulatory directives, including GLBA, FFIEC, HIPAA and SOX are areas of expertise for Involta's practioners. 

 

Involta's uses a common framework that leverages similarities between many of these requirements while effectively incorporating specific business objectives for your company. 

 

Involta's Risk Asssement service provides a detailed view of an organization based on the following twelve areas: 

 

-Security and privacy management 

-Risk management and governance 

-Security policies and practices 

-Information classification and management 

-Technical security controls 

-Personnel security controls 

-Security awareness and training 

-Physical and environmental controls 

-Incident management 

-Vulnerability management 

-Virus protection 

-Business resumption and disaster recovery 

 

Evaluation of these key areas enables Involta to outline an organization's overall business objectives and assess its current ability to support them. Keeping pace with the dynamic changes facing businesses today, Involta evaluates the impact of vulnerabilities and business risks as it relates to customer and regulatory requirements. Involta documents your strengths and weaknesses and recommends practical solutions. Involta helps you: 

 

Prioritize spending for the highest value. 

Track changes and measure effectiveness 

Improve the accuracy of due diligence efforts in support of mergers, acquisitions, and strategic partnerships. 

 

Regulatory compliance is becoming increasingly important to organizations as they grow and change in a global, connected economy. TRC helps our customers prepare for regulatory audits with pro-active plans and compliance documentation. TRC always identifies operational and systemic improvements to improve compliance AND customer service. 

 

Technical Security Assessments 

 

TRC's Technical Security Assessments ensure that each level of an organization's information infrastructure meets customer-driven information security objectives. State-of-the art tools, seasoned professionals, and industry security best practices and standards are used to create a gap analysis that identifies areas of high risk and recommended solutions. 

 

Vulnerability Assessment and Penetration testing identifies known network vulnerabilities using the most sophisticated techniques available. Mimicking a malicious intruder, TRC gathers network and device level information, runs automated scanning tools, and uses extensive manual testing to discover and verify network vulnerabilities. 

 

TRC external network vulnerability testing probes Internet points-of-presence and associated connected devices for known security vulnerabilities. Internal network vulnerability testing assesses network security from inside a DMZ or from within an organization or business unit. All testing uses strict controls with an emphasis on protecting each client's security and privacy. 

 

Detailed network reviews analyze network and server configuration, document network architecture, assess adherence to policy, and verify consistent configuration control.