Audit and Risk Management

Risk Analysis and Management (CSA)

We use the CSA (Cyber Security Audit) application for risk analysis and cyber security management. With the use of integrated tools and continuous updates of the nZKB regulations and decrees, we can process the risk analysis and manage the procedural requirements of cybersecurity in one place. In the tool you will find everything you need for risk analysis according to the Cybersecurity Decree, the transposition of NIS2 and the IS0 27000 standard.

Service detail

• Assessment and scoring of assets in terms of availability, integrity and confidentiality
• GAP analysis
• Preparation and update of recovery plans
• Threat identification in relation to internal security policies
• Design of risk management plan according to PDCA
• Consultancy in the area of process and technical enhancement of the organization’s security
• Business continuity plan
• Preparation and subsequent implementation of cybersecurity audits

NIS2 Implementation

We will guide regulated entities (in both higher and lower regimes) and suppliers not directly subject to nZKB / NIS2 obligations through the implementation of technical and organisational measures.

We will provide customers with a real-time schedule for NIS2 implementation with respect to required obligations, security of core and supporting assets, development of security policies and oversight of their implementation, including implementation of a cybersecurity audit.

Service detail

• Differential analysis of organisational and technical measures in accordance with NIS2 requirements
• Processing of the Threat Register (CSA)
• Status verification (vulnerability scanning)
• Penetration testing
• Stress test using social engineering
• Data scrubbing in off-line backups
• Security workshop, management and employee certification
• GAP analysis (risk assessment)
• Connection to incident monitoring via our SOC | Security Operations Center

Management and Employee Training

We are dedicated to consulting and training in the field of cybersecurity and protection of soft targets. We implement everything tailored to the needs of our customers, current legislative and procedural requirements and registered threats.

Service detail

• NIS2: implementation of expected cybersecurity obligations
• Presentation of current techniques of attacks from hacker communities and their misuse in practice
• Overview of current cyber techniques against organisations in the Czech Republic
• Preventing cyber attacks by employee user roles
• Audience interaction with simulated attacks on their devices and network infrastructure
• Evaluation of simulated cyber attacks
• Converged security: the global trend of integrating corporate, public sector and institutional protection services
• Social engineering techniques and digital identity theft

Service detail

• Training and certification of employees according to security and user roles
• Cyber Security Master Organization Management Certification
• Enterprise Security Certification

Cyber Security Audit

With the application for risk analysis and cyber security management CSA (Cyber Security Audit) we will prepare you for a cyber security audit by certified experts with more than 10 years of experience according to the requirements of Annex 6 of Decree No. 82/2018 Coll.

Service detail

• Verification of the status of compliance with the requirements of the law on conducting cyber security audits
• Identification of the current state of cybersecurity in the organization
• Quality control and optimization of implemented measures
• Identification of deficiencies in the area of cybersecurity in order to take measures to eliminate and correct them
• Determination of the parameters for meeting the cybersecurity objectives and link to the audit findings
• Verification of corrective actions