Outsourced Risk Assessment

As more organizations consider IT outsourcing, it is important to carefully balance the financial gains with that of the additional risks imposed from providing access to the sensitive data and the critical infrastructure of a company to unknown entities anywhere in the world.

Who is watching over the service providers that are responsible for your critical IT assets? Outsourcing IT has the potential of adding special security risks that need consideration. Whether an organization is outsourcing software development, application support or infrastructure management, Halock's Outsourcing Risk Assessment will review whether or not the service provider(s) have the proper controls and governance in place to meet the contract, regulation and statement of work obligations. Halock's security team reviews:
  • Contracts and Statement of Work details
  • Connectivity and network security
  • Privacy policies and controls for access to data assets
  • Project governance controls and reporting
  • Compliance with regulatory requirements
  • Monitoring and review of service provider health and industry standing

Using ISO 27001 to maximize your security investment:

As security breaches intensify and regulations multiply, the need for a framework to manage vulnerabilities is eminent. ISO 27001/27002 provides the guidance to initiate, build, manage, and assess information security within any organization.