Snapshot of skills and competence of CERT-In empanelled Security Auditor

1. Name, Location of the Empanelled Security Auditing organisation : AAA Technologies Pvt. Ltd., Mumbai
   
   
2. Carrying out Information Security Audits since : 2000
   
   
3. Technical manpower deployed for security audits :
   CISSPs : 3
   BS7799 / ISO27001 LAs : 5
   CISAs : 9
   DISAs / ISAs : 3
   Total Nos. of Technical Personnel : 20
   
   
4. Outsourcing of External IT Security Auditors / Experts : No
   
   
5. Security Audit Tools used (owned, in possession) :
   Freeware : 19
   Commercial : 0
   Proprietary: 1
   Total Nos. of Audit Tools : 20
   (Click here for details of the audit tools)
   
   
6. Security Audit Methodology : ISACA, ISO 27001 / BS 7799, COBIT
   
   
7. Security Audits carried out since empanelment till now :
   Govt. : 88
   PSU : 34
   Private : 15
   Total Nos. of Security Audits : 137
   
   
8. Business domain of auditee organisations : Stock Brokers, Banking, Travel, Insurance, Railways, Govt.
   
   
9. Typical applications in use by auditee organisations : Banking, Tally, ERP, Home grown applications
   
   
10. Typical bandwidth (maximum) of any auditee organisations :
    Internal Bandwidth (LAN / Intranet) : 100 M bps
    External Bandwidth (WAN / Internet) : 2 M bps
    
    
11. Networked Infrastructure details of an organizations audited with most complex network :
    No. of Servers : 500
    No. of Computer Systems : 1000
    No. of Routers : 10
    No. of Switches : 40
    No. of Firewalls : 30
    No. of IDS' : 20
    
    
12. Ability to carry out vulnerability assessment and penetration test : Yes
    

Key : NA = Not Available (data not provided by the CERT-In empanelled Information Security Auditing Organisation).