Snapshot of skills and competence of CERT-In empanelled IT Security Auditing Organisation

1. Name & location of the empanelled Information Security Auditing Organisation : Aujas Networks Pvt Ltd, Bangalore
   
   
2. Carrying out Information Security Audits since : February 2008
   
   
3. Technical manpower deployed for information security audits :
   CISSPs : 7
   BS7799 / ISO17799 / ISO27001 LAs : 10
   CISAs / CISMs: 7
   DISAs / ISAs : 0
   Total Nos. of Technical Personnel : 30
   
   
4. Outsourcing of information security auditing work to external Information Security Auditors / Experts : No
   
   
5. Information Security Audit Tools being used (available, installed and licensed) :
   Freeware : 24
   Commercial : 3
   Proprietary: 1
   Total Nos. of Information Security Audit Tools : 28
   (Click here for details of the information security audit tools)
   
   
6. Information Security Audit Methodology : Standard (ITIL, CoBIT 4.1, COCO ERM, ISO27001, NIST 800-30, ISO27005, CIS Benchmarks, OWASP, OSSTM)
   
   
7. Information Security Audits carried out so far :
   Govt. : 4
   PSU : 1
   Private : 35
   Total Nos. of Security Audits : 40
   
   
8. Business domains of auditee organisations : Banking, Telecom, IT/ITES, Manufacturing, Retail, Government
   
   
9. Typical applications in use by auditee organisations : Web, Banking & Financial Applications
   
   
10. Bandwidth available with an auditee organisation having most complex network :
    Internal Bandwidth (LAN / Intranet) : 1 Gbps
    External Bandwidth (WAN / Internet) : 6 Mbps
    
    
11. LAN infrastructure details of an auditee organisation having most complex network :
    No. of Computers : 1120
    No. of Servers : 30
    No. of Switches : 10
    No. of Routers : 2
    No. of Firewalls : 1
    No. of IDS' : 1
    
    
12. Ability to carry out vulnerability assessment and penetration test : Yes

Key : NA = Not Available (data not provided by the CERT-In empanelled Information Security Auditing Organisation).