Compliance & Regulation

Depending on each organisation's sector of operation, Performanta's experts can assist and prepare the organisation for sector-related compliance, including PCI-DSS, ISO27001, COBIT, etc. The Performanta Consultancy is specifically aimed at providing and developing the necessary tools to enable organisations to meet essential compliance guidelines in a way that is cost-effective and efficient, with services delivered in an agreed time frame.

PCI-DSS Compliance & Consulting

Theft of credit card information due to various breaches is a phenomenon that has become more prominent in the last few years amongst financial institutions, gaming companies, insurance organisations and more. These thefts cause immense financial damage, loss of capital due to leakage of IP and customer data, and a high operational cost of recovering the businesses' reputation and network.

In order to eradicate this trend, credit card companies have joined together to create a credit card data security standard called PCI DSS (Payment Card Industry Data Security Standard). Corporations that transfer, store, process, or forward credit card details need to be regulated according to this standard in order to be licensed by the International Regulatory Committee. Under this definition, all businesses, service providers, 3rd parties and acquirers need to adopt this standard.

We, at Performanta, are experienced in supporting organisations from the gap analysis stage, through the advice stage, to hands-on solutions. Our holistic approach takes all relevant business parts into consideration to provide an efficient security solution for the organisation, leading to full compliance and certification.

ISO 27001-2:2013

In today’s enterprise computing environment, with its dependence on a complex ecosystem of physical, virtual and cloud-based servers and storage, it is more important than ever that the business environment of the organisation has a robust information security management system (ISMS).

Although it is possible to put together an ISMS on your own, how can you be sure the end result is secure and cost-effective? Remember, you need a system that keeps tabs on your information and quantifies the degree of risk to it from outside threats, internal threats, processes and other factors that exist in your environment. Ideally, an ISMS solution will be risk-based, providing security that is based on a scientific assessment of risk and delivering just the right degree of security without over-engineering and overspending.

Designing and implementing an ISO 27001-compliant ISMS is a big task. Involving specialised experts in that process is highly recommended.

Performanta ISO 27001 Consulting Services enable your organisation to:

  • Identify security risk exposure
  • Derive security requirements
  • Define the necessary security controls, processes, and procedures within the ISMS
  • Define and document security metrics and records required to effectively manage the business and prove compliance
  • Successfully demonstrate compliance to ISO auditors

ISO 27001:2013 Flowchart Examples:

[Flowchart images: ISO27001_2013_Flowcharts_11, ISO27001_2013_Flowcharts_22]