Snapshot of skills and competence of CERT-In empanelled
Information Security Auditing Organisation
- Name & location of the empanelled Information Security Auditing Organisation :
Appin Software Security Pvt. Ltd., Delhi
- Carrying out Information Security Audits since : September 2005
- Technical manpower deployed for information security audits :
CISSPs : 1
BS7799 / ISO17799 / ISO27001 LAs : 2
CISAs / CISMs: 0
DISAs / ISAs : 0
Total
Nos. of Technical Personnel : 15
- Outsourcing of information security auditing work to external Information Security Auditors / Experts : No
- Information Security Audit Tools being used (available, installed and licensed) :
Freeware : 11
Commercial : 7
Proprietary: 2
Total Nos. of Information Security Audit Tools : 20
(Click here for details of the information security audit tools)
- Information Security Audit Methodology : OSSTM, OWASP, BS7799, ISO27001, ISO25999, CoBIT, SANS, APPSEC
- Information Security Audits carried out so far :
Govt. : 10
PSU : 2
Private : 25
Total Nos. of Security Audits : 37
- Business domains of auditee organisations : Telecom, BPO, Manufacturing, Defence, Media, Infrastructure, IT/ITES, Banking, Financial SW, Government, Education, Travel
- Typical applications in use by auditee organisations : CBS, Oracle ERP, NMS, SAP, Peoplesoft, e-Gov., Mobile & Web Applications
- Bandwidth available with an auditee organisation having most
complex network :
Internal
Bandwidth (LAN / Intranet) : 1 Gbps
External Bandwidth (WAN / Internet) :
2 Mbps
- LAN infrastructure details of an auditee organisation having most
complex network :
No. of Computers : 262
No. of Servers : 60
No. of Switches : 212
No. of Routers : 162
No. of Firewalls : 16
No. of IDS' : 2
- Ability to carry out vulnerability assessment and penetration test : Yes
Key : NA = Not Available (data not provided by the CERT-In
empanelled Information Security Auditing Organisation).