Our Services


Information Security Audits and Compliance

GDPR is an EU law with mandatory rules for how organizations and companies must use personal data in a privacy-friendly way. Our GDPR analysis service consists of a comprehensive legal audit and review of the current organizational measures for personal data protection in accordance with GDPR.


GDPR Analysis

  • Organizations seeking to audit their current GDPR compliance and get an overview of the compliance gaps that they may or may not be aware of.

    • Comprehensive legal audit and review of the current organizational measures for personal data protection;

    • Verification of personal data processing activities and their compliance with the new requirements of the Regulation;

    • Consultations when changing and introducing new legal norms;

    • Employee training.

  • You will receive a comprehensive report containing a full gap analysis and recommendations for improving the introduced measures and their regulatory compliance with the newly adopted norms.

Compliance Services

  • Organizations seeking to achieve or maintain NIS2, SOC, DORA, HIPAA compliance.

  • Drafting and assistance in implementing information and cyber security rules and policies in organizations. Full compliance with NIS2, DORA, SOC and HIPAA, including development of new operating procedures and Information Security Policy.

  • Policies and procedures for handling complaints, as recommended by the legislation.

We can help you achieve full compliance with NIS2, DORA, SOC and HIPAA.


GDPR Compliance

  • Organizations seeking to achieve full GDPR compliance.

    • Preparation of rules and procedures for regulating activities under GDPR;

    • Analysis of personal data processing activities and their compliance with the new GDPR requirements;

    • Analysis of the personal data used and legal grounds for their collection.

    • Preparation of a Data Protection Policy.

    • Work instructions and documents required for full compliance.

    • Procedure for managing user requests, as well as the necessary forms.

    • Drafting cookie policies for websites.

    • Assistance in integrating the rules into the company's daily work.

    • Training of employees.

    • Additional consultations.

  • Discover

    • Find out what you have and where it lives.

    • Be able to generate reports as evidence of the above.

    • Control access and ensure that it doesn’t fall into the wrong hands.

  • Identify

    • Identify sensitive data and take steps to secure it using techniques like encryption and pseudonymization.

    • Track any data sharing with external parties.

    • Be able to pull an audit log of all such sharing activity.

    • Apply permissions to data using the principle of least privilege.

  • Report

    • This is a key element of all compliance. You can do all of the above, but not having a way to demonstrate compliance is just as bad as not being compliant at all.

We help organizations achieve full compliance with the regulatory requirements of Regulation 2016/679 and the Personal Data Protection Act, including the development of new work procedures and the Personal Data Protection Policy.


Our DPO as a Service makes it possible for your organization to outsource the role of a DPO instead of hiring one. The outsourced DPO performs the tasks described in the GDPR, allowing you to reach the desired compliance level.


DPO as a Service

  • The service is suitable for companies that are legally obliged to have a data protection officer.

    • Exert control over the implementation of the adopted personal data protection policy within the company, as well as compliance with the regulatory requirements;

    • Prepare recommendations and consultations during the implementation of new products affecting subjects of personal data;

    • Advise your employees in case of issues or requests related to the processing of personal data;

    • Commit to communicating with the Personal Data Protection Commission or with other legal entities;

    • Prepare regular reports in the event of incidents, and in certain cases notify the CPLD (Commission) within the specified time limits.

ISO27001 Internal Audits

  • Organizations seeking to achieve or maintain ISO 27001:2022 compliance.

  • We will conduct an internal ISO 27001 audit, according to the requirements of clause 9.2 of the ISO 27001:2022 standard, "Information security, cybersecurity and privacy protection — Information security management systems — Requirements".

  • You will receive a comprehensive report containing recommendations for improvement, in accordance with ISO 27001 and ISO 19011.

Our team has ISO 27001 certified internal and external auditors who can perform internal audits of your organization and participate in external audits during ISO 27001 certification audits.


NIS2, DORA, SOC, HIPAA Audits

  • Organizations seeking to review their NIS2, SOC, DORA, GDPR compliance.

  • We conduct information security audits in relation to the requirements imposed by various regulatory bodies of financial institutions and a number of regulatory requirements defined by the "Cybersecurity Act", "Ordinance on the Minimum Requirements for Network and Information Security", General Data Protection Regulation (GDPR), NIS2, American SOC standards, HIPAA, etc.

  • You will receive a comprehensive report containing recommendations for improvement, in accordance with the chosen standard.

We conduct information security audits concerning the requirements imposed by NIS2, SOC, DORA, GDPR, and HIPAA.

How you protect your customers' data can make all the difference.