CISO as a Service

Many organisations do not have the resources to employ dedicated Information Security personnel or the existing IT team don’t have the time to keep up with the constant flux of the threat landscape. Integrity360's GRC Practice provides a “CISO as a service” offering (also known as vCISO), which can give your business the ultimate service offering covering all information security requirements across the organisation. This service is the ideal choice when there isn’t a full time requirement for a CISO or when the existing CISO can benefit from some assistance. The service is flexible and can be tailored to your business’ needs.

  • Policy Suite
    • Document review, Gap Analysis, Policy Design and Update, ISMS and Framework development.
  • Compliance Services
    • PCI-DSS v.3.0, ISO27001, SOX, GPG13
  • Risk Services
    • Risk Management Strategy, Risk Reduction Analysis, Critical Asset Review, Risk Rating Review, Organisational Risk Assessments, 3rd Party Risk Assessments, Risk Acceptance.
  • Business Continuity
    • Consultancy and Planning
  • Security Assessments/Tests
    • Security Assessments, Penetration Testing, Vulnerability Assessments, Perimeter Review, Network Security Device Review and Tuning..
  • Computer Security Incident Response Service
    • (CSIRT) – Preparation – Detection & Analysis – Containment, Eradication & Recovery – Post-Incident Activity. Incident Management plan
  • Awareness Training
    • Security Awareness Training for Regulatory Requirement, & Internal Corporate Governance & Compliance.
  • User Access Governance