|
Hotline Support
Our Team Certifications
- Certified information Systems Auditor (CISA)
- Certified Ethical Hacker (CEH)
- ISO 27001: Implementers
- ISO 27001: Lead Auditors
- Security Certified Professional (SCP)
|
 |
Information Security Services
IT Governance & IT Security Governance Consultancy
ICC employees will be able to provide organizations with the proper consultancy for implementing an IT Governance or IT Security Governance disciplines. They are well equipped with the proper trainings and certifications required for such consultancies.
IT Risk Assessment
ICC conducts a full IT Risk Assessment which can aid the management to ensure implying the proper controls for the identified risks. This IT Risk Assessment is divided into two modules:
1. General IT Risk Assessment
ICC conducts a full IT Risk Assessment which can aid the management to ensure implying the proper controls for the identified risks. This IT Risk Assessment is divided into two modules:
- The risks for the IT processes, policies, and procedures (PPP)
- The risks of the functions in the IT department
2. Technical IT Risk Assessment
Another phase of the IT Risk Assessment is the assessment of the IT technical systems' security:
- Assessing the Network Topology
- Assessing External Security
- Assessing Internal Security
- Assessing Applications Security
- Assessing the Data Management
- Assessing User Awareness
- Assessing Physical Security
IT Security/ISMS Consultancy
An Information Security Management System (ISMS) is a management system based on a systematic business risk approach, to establish, implement, operate, monitor, review, maintain, and improve information security. It is an organizational approach to information security.
At ICC, we provide full consultancy for the proper implementation of ISMS based on recommendations and guidelines of international and local standards based on the following:
1. IT Risk Assessment and Risk Management
2. Implementing proper set of controls
3. Reassessing the IT Risks of the implemented controls
4. IT Security Processes, Policies & Procedures Documentation
Establishing and documenting comprehensive, detailed IT security processes, policies, and procedures (PPP) forms the cornerstone of good information security practice. Thus ICC security services division offers the following:
- Full Documentation
- Partial Documentation
- Reassessing the existing Documentation
5. Business Continuity & Disaster Recovery Planning (BCP/DRP)
ICC provides organizations and firms with the following solutions, which are all based on recommendations and guidelines of international standards:
- Full consultancy for implementing BCP/DRP
- Full assessment on an existing BCP/DRPM
6. IT Security Standards Compliance
ICC provides organizations with the requested compliance of local and international standards. Local standards are usually related to BCC 222. While international standards can be ISO 27001:2005 and HIPAA:
- BCC 222 (Banking Control Commission Circular No.222)
ICC provides all Lebanese Banks and Financial Institutions with the requirements for compliance with BDL IT security standards BCC 222. An IT audit checklist is prepared covering all the items found in BCC 222.
- ISO 27001:2005
ICC has become Lebanon's First British Standards Institution (BSI) ISO 27001 Registered Associate Consultancy, and one of only 10 firms in the entire MENA region.
BSI recommends that all the institutions that are willing to get the ISO 27001 certification, are initially requested to contact a BSI - ISO 27001 Registered Associate Consultancy firm. This step is always recommended to help institutions acquire the proper ISO 27001 IT Security controls before the BSI auditors get engaged in the certification audits. BSI always lists three associates for the client to choose from, and ICC is the first Lebanese firm to be recommended for various IT Security Consultancy jobs in Lebanon and the MENA region.
For more information about BSI & ISO 27001, please visit: www.bsi-emea.com
- HIPAA (Health Insurance Portability and Accountability Act)
Medical institutions have American IT security standard HIPAA, which might be considered as a medical version of the ISO 27001. Thus ICC will be capable of providing medical institutions with the required consultancy for implementing the HIPAA.
7. IT Security Training
ICC Security Services Division provides various training subjects in field related to IT Security for its clients. The trainings that we currently offer are:
- IT Security Awareness Training for Management
- IT Security Awareness Training for End Users
- IT Security Awareness Training for IT staff
- IT Security Customized Trainings
ICC Security Services Division outsources to companies and Financial Institutions the role of an IT Security Officer. This outsourcing agreement is for a specific time interval which cannot be less than one year.
IT Audit
ICC provides companies with required IT or IT Security Audit. The generated audit report can be a normal audit report generated from ICC, or it can be an official audit report generated from a legal audit firm which is ICC partner.
ICC Security Services Division outsources to companies and Financial Institutions the role of an IT Auditor. This outsourcing agreement is for a specific time interval which cannot be less than one year.
|
