PROUD | ADVISORY

The BCMS advisory services provide you with the development of business continuity management system based on ISO 22301 which is an international standard for setting up and managing an effective business continuity management system (BCMS). The process of business continuity management consists of an understanding of the organization using several techniques such as business impact analysis , prioritizing the business processes , identifying potential threats to the organization , and developing business continuity plan (BCP).
Our services cover an implementation of BCMS and certification to ISO 22301, a development of business continuity plan (BCP) or disaster recovery plan (DRP).

The CSA STAR Certification is a rigorous third party independent assessment of the security of a cloud service provider. The technology-neutral certification leverages the requirements of the ISO/IEC 27001 management system standard together with the CSA Cloud Controls Matrix , a specified set of criteria that measures the capability levels of the cloud service.

Cyber security assessment involves the comparisons of current cyber security controls with desired controls such as National Institute of Standards and Technology (NIST) cyber security framework (CSF) , ISO/IEC 27001 , COBIT5 for Information Security , Cyber Essentials , Center of Internet Security (CIS) or Hong Kong Monetary Authority (HKMA). The output of the assessment is the areas of improvement and gap remediation recommendations.

A gap analysis is a method of assessing the differences between existing controls such as policies , processes , procedures or system configurations and desired controls such as global standards , laws and regulations , frameworks or best practices. The results of the assessment is the recommendations to strengthen the gaps through prioritized initiatives that would add to ensure the minimizing the risk of operational activities , financial or reputational losses.

The ISMS advisory services provide you with the development of information security management system based on ISO/IEC 27001 which is an internationally recognized best practice framework for an information security management system. It helps you to identify risks and puts in place security measures that are right for your business in accordance with the principles of ISMS which are to preserve the confidentiality , integrity and availability of information , so that you can manage or reduce risks to your information.
Our services cover an implementation of ISMS and certification to ISO/IEC 27001 , a development of ISMS policy or ISMS roadmap.

The ITSMS advisory services provide you with the development of IT service management system based on IT infrastructure best practice (ITIL) or ISO/IEC 20000 which is an international standard for an information technology service management system. It specifies requirements for the service provider to plan , establish , implement , operate , monitor , review , maintain and improve an ITSMS. The requirements include the design , transition , delivery and improvement of services to fulfil agreed service requirements.
Our services cover an implementation of ITSMS and certification to ISO/IEC 20000 , a development of ITSMS policies , processes , procedures or ITSMS roadmap.