Business Risk Services

Information Systems Security

Grant Thornton’s information systems security practitioners understand the risks to the broader business environment of inadequate security controls and formulate solutions that enhance the control environment aligned to an organisation’s business model, activities and mission. We understand that information systems security transcends any single activity within an organisation.

In addition, our solutions are designed for clients that are seeking to address a variety of complex security requirements. We have developed a methodology to enable clients to effectively assess and manage risk by implementing appropriate security countermeasures throughout the entire security life cycle.

Our team offers a full range of information security services.

• Information Security Strategy and Roadmap
• Assistance of Establishing Information Security Management System (ISMS)
  • Planning
  • Security Risk Management
  • Control Development
  • Communication
• Security Assessment
  • Operating System Security reviews (Windows, UNIX, AS400, etc.)
  • Database (Oracle, MS-SQL, MySQL, Sybase, etc)
  • Web Server (IIS, Apache, IBM HTTP Server, etc)
  • Web Application Server (IBM Websphere, BEA Weblogic, etc)
  • Network Equipment (Cisco router, Switch and Wireless Access point, etc)
  • Security Equipment (Checkpoint, Netscreen, Cisco PIX, Fortinet, etc)
  • High-level Network Architecture Review
• Vulnerability Assessment
• Network Penetration Testing
• Web Application Penetration Testing