Whether your project requires compliance with PCI-DSS, PIPEDA, PHIPA, HIPAA, SoX, or internal standards, IONICA provides comprehensive security auditing, analysis, remediation, and consulting to bring your products into compliance.
Gather information – meet with stakeholders to learn which security standards are to be met, which environments are to be assessed, and the business motivation behind achieving said standards.
Coordination – schedule appropriate times for each type of audit activity to take place, gain required approvals from managers,
Perform audit – assess environments and applications security posture. Identify areas of potential improvement. Document environment characteristics.
Present findings – all findings are documented in a comprehensive formal report. Report is presented to client, where each finding and recommendation is explained in detail.
Remediation planning – IONICA supports business in determining which elements of infrastructure and applications are to be modified after the presentation of findings. A plan and schedule is drafted to execute remediation.
Remediation – modify environments according to remediation plan, based on findings of security assessment. Remediation measures can be undertaken by client staff, development agency, or IONICA staff.