ISO 27001 enables companies to measure the risks to their information and ensure that appropriate measures or controls are in place to protect their business and information assets. Our ISO 27001 compliance services assist an organisation to understand the gaps in information system controls as per the ISO 27001 control objectives and provide recommendations to address the gaps. This will assist an organisation in formulating implementation plans to achieve ISO 27001 certification.

COBIT (Control Objectives for Information and related Technology) is designed to be an Information Technology governance aid to the management in their understanding and managing of the risks and benefits associated with information and related technology. Our COBIT compliance services assist in achieving control objectives by managing the security function through the following four broad domains:

Our SAS 70 Assurance services (Type 1 & Type 2) not only enable the management of a service organisation understand the effectiveness of the control environment, but also facilitate the service organisation to demonstrate to its users the effectiveness of its internal control environment.

Our SAS 70 services include:

Through our SAS 70 services, a service organisation can also ensure compliance to the Sarbanes-Oxley Act.

CII offers a range of services that help organisations become GLBA compliant. The scope of services encompass the entire spectrum: from development of a formal security program, approved by the board of directors, to implementing all the necessary procedural, technical and physical controls. Our GLBA compliance services assist in not only meeting the Privacy requirements of GLBA, but also in implementing a comprehensive Security Controls Framework based on ISO 27001 practices. Our services include:

Our business oriented approach to SOX compliance goes beyond normal systems audit and focuses on deriving increased value for information systems through robust internal controls, implemented as part of an efficient corporate governance framework.

Using the COSO framework, we assist in establishing a healthy IT Control environment, enabling senior management understand the organisation's IT-related business risks, implement controls to mitigate them, and empower management of residual risk. The objective is to design an IT Security Governance framework, where the management can measure and control IT related business risks.

Our comprehensive approach to assessing, planning, designing, implementing and managing mission critical activities will assure rapid identification, improvements, and testing of internal controls and processes.

CII recognises the challenges and opportunities organisations face in conducting business in a HIPAA compliant environment. The requirement of administration simplification specified in HIPAA presents an opportunity for organisations to redefine their processes to bring about efficiencies and adopt new technologies. Our approach to HIPAA compliance begins with assessing the impact of the Act on the organisation's processes and services. As part of the assessment we carry out the following:

The information security framework developed by us is in accordance with the best practices of COBIT and ISO 27001.