Information Security Audit, Consulting and Training (Infosecact) is represented by Certified Information Security Consultants who are security experts in their respective fields. The Consortium was formed to provide unparalleled range of services to small and or large corporations.
The Information Security Audit, Consulting and Training (Infosecact) follows the Professional Standards of the Practice of Internal Auditing as issued by the Information Systems Audit and Control Association (ISACA), National Institute of Standards and Technology (NIST), the Institute of Internal Auditors (IIA), and the International Information Systems Security Certification Consortium (ISC²), additionally; the Infosecact Audit Program adheres to information security standards as published by the Information Standards Organization (ISO).
Our audit efforts are focused on areas presenting the highest degree of risk, as well as on those areas where risk mitigation will provide the greatest potential benefit to the Organization and our main objective is to provide our clients with high quality services and deliverables, evidenced through independent peer reviews.
The types of audits performed by Infosecact include, but are not limited to the following: (1) Applications and systems; (2) Data centers /sites; (3) Data management; (4) Internal technology controls; (5) Investigative and incident follow-up; (6) Mobile and portable devices; (7) Networks and network components; (8) Physical security; (9) Policy and regulatory compliance; (10) Telecommunications; (11) Technology operations; and (12) Cloud Computing i.e., Service Model, Deployment Model and Characteristics.
Information collected during our IT audit engagement will only be used for official purposes and not for personal gain, in a manner contrary to law, or detrimental to the legitimate interests of the audited entity or the audit organization. This includes the proper handling of sensitive or categorized information or resources. And, Infosecact will only release engagement findings and recommendations to additional entities under the following circumstances: by request from the audit client, for peer review, and/or under order of subpoena. Only Information specific to the request will be released.
Information Security Audit, Consulting and Training (InfoSecAct) values have shaped the Consortium’s history and will continue to define our aspirations. Our values are central, enduring and a reminder that how we do things is as important as what we do. InfoSecAct values are as follows:
- We conduct ourselves at all times in a manner consistent with professional principles.
- We endeavor to achieve our mission in the most efficient and effective manner.
- We achieve results through teamwork.
- Clarity in understanding our mission, our goals and what we expect from each other is critical to our success.
- We keep trying on giving our best effort in everything we undertake.
- We feel a sense of urgency on any matters related to our clients.
- We love to compete and we believe that competition brings out the best in us.
Providing leadership and expertise in order to assist system owners to rely on critical IT assets to accomplish their mission and objectives and accepting as true that hardening system controls are logical coherent activities.