Services
What we offer
INTRODUCTION
The rapidly increasing IT security threats force companies to greatly expand their cyber security work to survive in a digitally competitive world. When it comes to cybersecurity maturity, only 43 percent of operations are at the right level to meet the 2023 threat landscape. Most companies take security seriously, but unfortunately, they don’t always have enough resources. And when you think the system is secure, the landscape changes and knowledge quickly become obsolete. Cybercriminals are constantly developing new methods to hijack corporate systems, making it seemingly impossible to be completely secure. Taking expert help is usually the best way to stay one step ahead.
MOTIVATION AND STRATEGY FOR BUSINESS CONTINUITY MANAGEMENT & CYBER SECURITY AUDITS :
It has become essential for companies to have BUSINESS CONTINUITY MANAGEMENT & Cyber Security in focus. Customers and stakeholders require the company to follow requirements and regulations. The main idea is to show the stakeholders and authorities that the company IT systems do not pose any additional risks The purpose of an audit is to map whether the company complies with the applicable standards and to carry out a GAP analysis that demonstrates the delta between applicable standards and present status.
POWEX IT HELPDESK
Is an International IT service and solution consultant company, in the public and private sectors. We offer a full range of IT competencies, and we help you harness the power of new technology while getting the most out of your old
IT. We work with the industry’s best supplier and partners and use our well-developed relationships to share resources with you. Our engineers have an impressive range of formal training, experience and certificates to deliver your
solutions. Our goal is to deliver solutions that maximize the return on your technology investments
TRAINING & CERTIFICATION
Certified ISO 22301 BCMS Foundation training course outline. This course provides a comprehensive introduction to the ISO 22301:2019 standard and its requirements for an effective BCMS, including:
- Understanding business continuity concepts, terms and definitions.
- The benefits of a BCMS to an organisation.
- The process elements of a BCMS.
- The principles of business impact analysis and risk assessment.
- The principles of incident response and business continuity management.
- The principles of exercising business continuity arrangements.
CONSULTATION
Achieve compliance with ISO22301 or ISO 27000 in just four months. POWEX Consultancy Service has been specially designed for professional businesses . We will help you achieve certification-readiness in four months, guaranteed and take care of the entire implementation process up to certification-readiness.
ESTABLISHMENT & OPERATION
Save time and hassle when managing your BCMS with hands-on support from an ISO 22301 specialist. This service will enable you to maintain ongoing compliance with the requirements of ISO 22301, and is aimed at those who currently have no in-house expertise to manage an ISO 22301-conformant business continuity management system (BCMS).
AUDIT
Audit of management systems in a broader perspective and to provide guidance that is more general.
Audit results can provide information for the analysis part of business planning and make it possible to identify improvement needs and improvement measures.
An audit is conducted according to guidance for the audit of management systems (ISO 19011:2018 /ISO27007) and addresses a range of audit criteria, separately or in combination, including but not limited to:
- Requirements specified in one or more management system standards, policies and requirements established by relevant stakeholders, legal and regulatory requirements,
- One or more processes within the management system defined by the organization or other parties,
- Management system plan(s) to achieve specific results with a management system ( eg Quality Plan and Project Plan).
This standard provides guidance for all organizations, regardless of size and type, and for audits of varying scope, including audits performed by large audit teams, which is common for larger organizations, and audits performed by individual auditors, whether the organization is small or large .
PENATRATION TESTING
- High-quality services to assess the IT infrastructure and identify vulnerabilities by reviewing IT services configuration against the industry best practices and vendor’s recommendations.
- High-quality penetration testing services – ScienceSoft uses predominantly manual security testing techniques combined with an automated approach. This approach fully validates all issues and vulnerabilities beyond scanner results.
- Perform Gray Box Penetration Testing based on the NIST 800-115 guidance to evaluate the security and identify vulnerabilities by simulating attackers’ actions and unauthorized access to the data and IT resources.
- With skilled Pentest engineer and IT Security Engineer to work on this project, and a dedicated Project/Account Manager will supervise them.
- Our Deliverables :
- Comprehensive Final Report with technical details of testing performed and findings, description of the methodology, and remediation recommendations.
- Comprehensive Final Report with technical details of IT Cyber Risk Assessment performed and findings, description of the methodology, and remediation recommendations.
- Executive Summary – could be used as a customer-facing document
CYBERSECURITY & IT INFRASTRUCTURE
Cyber security audit (CIS V8) Critical Infrastructure Cybersecurity.
Led by Sour Solution Architect and Tech Led: with +20 years Cloud Security Architect with Azure, Amazon Web Services and Goggle Cloud Platform. He works with developing cloud strategies, guiding cloud principles, security requirements, implementation guidelines, architecture descriptions as well as working hands-on implementing governance and security controls in cloud environments. A substantial part of this work is to analyses regulations, information security frameworks and Best Current Practices that affect an organization and on how to adhere to them in practice. He is also experienced in managing and monitoring cloud resources/services, working with Infrastructure-as-Code, Defender for Cloud and Azure Sentinel.
- Docker, Docker Swarm and Kubernetes
- Azure, AWS and GCP
- DevOps/DevSecOps
- Infrastructure as Code development using Terraform and ARM templates
- PowerShell and C#
- Security Architecture framework for infrastructure governance & security
- VMware vRealize
- Modelling business capabilities and processes
- Information Security Management Systems (ISMS)
- Software Architecture Descriptions (SAD)
- Infrastructure and systems development practices
- Project management, Kanban, Scrum
- Azure Pack private cloud (System Center 2012)
- Firewalls, IDS, SIEM
- Windows and Linux OS
top professionals
Why Choose Us
All our experts have been involved in BCM establishments a numerous of times and are recognized experts in to conducting
- BIA/ BCP,
- Technical and
- Cyber audits activities
for large organization on several occasions.
POWEX Staff are experts with and have extensive knowledge and experience in to establish and manage IT infrastructure which is used for supporting the different business processes.