IONICA provides comprehensive security auditing, analysis, remediation, and consulting to bring your products into compliance.

Standards supported include:

  • CIS Benchmark, levels 1 and 2
  • CyberSecure Canada
  • Security Policy Implementation Notice (SPIN)
  • British Columbia Security Threat and Risk Assessment (STRA)
  • FIPS 140
  • SoX
  • CSE ITSG-22
  • CSE ITSG-38
  • Internal organisational standards


Gather information – meet with stakeholders to learn which security standards are to be met, which environments are to be assessed, and the business motivation behind achieving said standards.

Coordination – schedule appropriate times for each type of audit activity to take place, gain required approvals from managers,Perform audit – assess environments and applications security posture. Identify areas of potential improvement. Document environment characteristics.

Present findings – all findings are documented in a comprehensive formal report. Report is presented to client, where each finding and recommendation is explained in detail.

Remediation planning – IONICA supports business in determining which elements of infrastructure and applications are to be modified after the presentation of findings. A plan and schedule is drafted, working closely with the client to align activities with organisation operations and application development cycles, to execute remediation.

Remediation – modify environments according to remediation plan, based on findings of security assessment. Remediation measures can be undertaken by client staff, development agency, or IONICA staff.