Snapshot of skills and competence of CERT-In empanelled Information Security Auditing Organisation
- Name, Location of the empanelled Information Security Auditing Organisation : Haribhakti & Co. (CA), Mumbai
- Carrying out Information Security Audits since : July 1998
- Technical manpower deployed for Information security audits :
CISSPs : 0
BS7799 / ISO27001 LAs : 3
CISAs : 10
DISAs / ISAs : 6
Total Nos. of Technical Personnel : 21
- Outsourcing of External Information Security Auditors / Experts : Yes
- Information Security Audit Tools used (owned, in possession) :
Freeware : 3
Commercial : 3
Proprietary: 0
Total Nos. of Information Security Audit Tools : 6
(Click here for details of the audit tools)
- Information Security Audit Methodology : COSO & COBIT, ISO 27001, BS 25999
- Information Security Audits carried out since empanelment till now :
Govt. : 4
PSU : 8
Private : 24
Total Nos. of Security Audits : 26
- Business domain of auditee organisations : Tax Information Network, Depository, Banking & Financial Services, Insurance, Call Centres, Regulators
- Typical applications in use by auditee organisations : Online/Internet Trading, Dealing Room, Depository Participant Modules, Treasury, CBS, Core Insurance, Bank Call Centre, Electronic Procurement, OLTAS
- Typical bandwidth (maximum) of any auditee organisations :
Internal Bandwidth (LAN / Intranet) : 100 Mbps
External Bandwidth (WAN / Internet) : 2 Mbps
- Networked Infrastructure details of an organizations audited with most complex network :
No. of Computer Systems : 300
No. of servers : 20
No. of switches : 10
No. of routers : 300
No. of firewalls : 3
No. of IDS' : 1
- Ability to carry out vulnerability assessment and penetration test : Yes
Key : NA = Not Available (data not provided by the CERT-In empanelled Information Security Auditing Organisation).