Snapshot of skills and competence of CERT-In empanelled Information Security Auditing Organisation

1. Name, Location of the empanelled Information Security Auditing Organisation : CyberQ Consulting Pvt. Ltd., New Delhi
   
   
2. Carrying out Information Security Audits since : 2002
   
   
3. Technical manpower deployed for Information security audits :
   CISSPs : 0
   BS7799 / ISO27001 LAs : 4
   CISAs : 4
   DISAs / ISAs : 1
   Total Nos. of Technical Personnel : 28
   
   
4. Outsourcing of External Information Security Auditors / Experts : No
   
   
5. Information Security Audit Tools used (owned, in possession) :
   Freeware : 33
   Commercial : 1
   Proprietary: 1
   Total Nos. of Information Security Audit Tools : 35
   (Click here for details of the information security audit tools)
   
   
6. Information Security Audit Methodology : CISA, Own (CyberQ Method)
   
   
7. Information Security Audits carried out since empanelment till now :
   Govt. : 458
   PSU : 45
   Private : 29
   Total Nos. of Information Security Audits : 532
   
   
8. Business domain of auditee organisations : PKI, Consultancy, Software Development, Telecom, Financial Institutions, Government, PSUs, Energy, BPO/KPO, Manufacturing Design.
   
   
9. Typical applications in use by auditee organisations : PKI, ERP, Web, Client Server, MIS, Network Security Audit.
   
   
10. Typical bandwidth (maximum) of any auditee organisations :
    Internal Bandwidth (LAN / Intranet) : 100 Mbps
    External Bandwidth (WAN / Internet) : 2 Mbps
    
    
11. Networked Infrastructure details of an organizations audited with most complex network :
    No. of Computer Systems : 2000
    No. of servers : 110
    No. of switches : 60
    No. of routers : 65
    No. of firewalls : 1
    No. of IDS' : 0
    
    
12. Ability to carry out vulnerability assessment and penetration test : Yes
    
    

Key : NA = Not Available (data not provided by the CERT-In empanelled Information Security Auditing Organisation).