Snapshot of skills and competence of the CERT-In empanelled Information Security Auditing Organisation

  1. Name, Location of the empanelled Information Security Auditing Organisation: Information Systems Auditors & Consultants Pvt Ltd, Mumbai

  2. Carrying out Information Security Audits since : July 1997

  3. Technical manpower deployed for information security audits :
    CISSPs : 1
    BS7799 / ISO27001 LAs : 1
    CISAs : 5
    DISAs / ISAs : 0
    Total Nos. of Technical Personnel : 6

  4. Outsourcing of information security auditing work to other external Information Security Auditors / Experts : Yes

  5. Information Security Audit Tools used (owned, in possession) :
    Freeware : 6
    Commercial : 0
    Proprietary: 0
    Total Nos. of Audit Tools : 6
    (Click here for details of the audit tools)

  6. Information Security Audit Methodology : BS7799, COBIT

  7. Information Security Audits carried out since empanelment till now :
    Govt. : 1
    PSU : 2
    Private : 13
    Total Nos. of Security Audits : 16

  8. Business domain of auditee organisations : IT Governance, Banking, Pharma

  9. Typical applications in use by auditee organisations : Banking, ERP, web, MIS

  10. Typical bandwidth (maximum) of any auditee organisations :
    Internal Bandwidth (LAN / Intranet) : 1 Gbps
    External Bandwidth (WAN / Internet) : 16 Mbps

  11. Networked Infrastructure details of an organizations audited with most complex network :
    No. of Computer Systems : 2000
    No. of servers : 55
    No. of switches : 200
    No. of routers : 175
    No. of firewalls : 2
    No. of IDS' : 1

  12. Ability to carry out vulnerability assessment and penetration test : Yes

Key : NA = Not Available (data not provided by the CERT-In empanelled Information Security Auditing Organisation).