We know as no other which unexpected weaknesses can hide behind the made choices that initially seem very safe. Our audits and assessments show the state of your security. They show where the weaknesses are within your systems and whether configured security processes really work.
It is no easy matter to investigate an organization or information system with regard to security. You will be assured that all parts are included in the correct proportion because of our holistic approach in which people, processes and technology are given the highest priority.
Every organization is unique with regard to both structure and the way in which work is performed. We therefore check what the best approach is for every audit. It may therefore be the case that the focus is on, for example, the processes or, rather, on the people or technology. You can, however, also select a combination. What we mainly do is determine the most efficient and effective approach for your situation.
More and more an independent report about information security is required. This may be because you want to justify agreements with your customer(s) or to certify suppliers for specific services. Traxion can perform an audit for you and give an opinion regarding these issues. Our professional auditors will deliver an independent report that gives answers to your questions.
Every organization will be involved in information security in some way or another. If you want to know how mature information security is within your organization, we can perform an independent maturity assessment for you. We can use market standards or your own maturity model for this. A final report will be supplied that will give insight into your position, but also into which steps you could take to achieve the next maturity level.
We will examine what your current position is when we perform a compliance assessment. We also provide written and verbal recommendations about resolving findings. The used standards are market standards such as ISO 27001 (best practice for an information security management system), NEN 7510 (Health Informatics – Information security management in healthcare), Payment Card Industry Data Security Standard (PCI DSS), Basisrichtlijn Informatiebeveiliging Rijksdienst (BIR; Basic Civil Service Information Protection Guideline)/Baseline Informatiebeveiliging Nederlandse Gemeenten (BIG; Dutch Municipality Information Security Baseline) etc. or legislation such as the EU’s General Data Protection Regulation. Company standards can, however, also be used. A benchmark is also part of the possibilities so that you can get insight into your position when compared to your friendly competitors.
The General Data Protection Regulation came into force on 25 May 2018. This expanded the current legislation with regard to privacy, security and compliance within the EU. Every organization that supplies goods and services within the EU or collects and analyzes data of EU residents must comply with the strict rules. This complex piece of legislation will possibly demand significant changes in the way that data is collected, processed and managed within your organization. Read more here.
If you want to find out whether you meet all requirements and what you need to do to be compliant, we can perform a regulation readiness assessment. Depending on your preferences, we can perform a quick scan or a more extensive assessment. In the quick scan, we will mainly study whether your organization is ready to answer questions from your customers. During the extensive assessment, we will also examine the technical state of your information systems.
Audit or assessment for your organisation?
Traxion shows the status of your security through an audit or assessment. Contact us for an assessment and discover how we can help to comply with the privacy, security and compliancy objectives that you set.