At Savanti we have developed our Cyber Security Controls Framework as part of our cyber security assessment service, consisting of 15 domains that cover the governance, organisational and technical security requirements that make for good cyber security setup in the workplace. These controls are not new but are grouped into coherent domains that reflect modern threats and the actual causes of incidents, to provide a pragmatic model to implementing a strategic response to cyber risk.

Using our Framework we assess the key aspects of security risk to the information, systems and infrastructure in order to provide you with swift analysis of your cyber security maturity, rate existing cyber security controls and help you shape your information security programme.

We have extensive experience in performing cyber security assessments to ensure you have effective information security controls in place and that you comply with relevant standards and regulatory requirements:

• Performing detailed information security measurement and tailored reviews of specific areas such as data loss, infrastructure security components and physical security to ensure that the processes and controls in place are effective at mitigating security risks
• Assessing your level of compliance against the 12 requirements of the Payment Card Industry Data Security Standard (PCI – DSS) to support you in completing your Self-Assessment Questionnaire (SAQ) or to prepare for an external audit from a Qualified Security Assessor (QSA)
• Performing audits of critical third parties and suppliers who store and process your data to provide assurance that they meet both your security requirements and the contractual obligations in place
• Assessing software security maturity using the OWASP Software Assurance Maturity Model, to ensure that your software is free from security vulnerabilities at any point during its lifecycle, that could lead to service and information compromise