Snapshot of skills and competence of CERT-In empanelled Information Security Auditing Organisation

1. Name, Location of the empanelled Information Security Auditing Organisation : Locuz Enterprise Solutions Ltd, Hyderabad
   
   
2. Carrying out Information Security Audits since : August 2001
   
   
3. Technical manpower deployed for security audits :
   CISSPs : 1
   BS7799 / ISO27001 LAs : 4
   CISAs : 3
   DISAs / ISAs : 0
   Total Nos. of Technical Personnel : 35
   
   
4. Outsourcing of External IT Security Auditors / Experts : N
   
   
5. Security Audit Tools used (owned, in possession) :
   Freeware : 6
   Commercial : 5
   Proprietary: 1
   Total Nos. of Audit Tools : 12
   (Click here for details of the audit tools)
   
   
6. Security Audit Methodology : Standard, Own
   
   
7. Security Audits carried out since empanelment till now :
   Govt. : 20
   PSU : 2
   Private : 15
   Total Nos. of Security Audits : 37
   
   
8. Business domain of auditee organisations : Software Developmemt, Banking, Manufacturing, e-Commerce, e-Governance, Pharmaceuticals
   
   
9. Typical applications in use by auditee organisations : ERP, Banking, e-Commerce, Customised applications.
   
   
10. Typical bandwidth (maximum) of any auditee organisations :
    Internal Bandwidth (LAN / Intranet) : 2 Mbps
    External Bandwidth (WAN / Internet) : 6 Mbps
    
    
11. Networked Infrastructure details of an organizations audited with most complex network :
    No. of servers : 370
    No. of Computer Systems : 1800
    No. of routers : 6
    No. of switches : 22
    No. of firewalls : 4
    No. of IDS' : 4
    
    
12. Ability to carry out vulnerability assessment and penetration test : Y
    
    
13. Empanelled up to : May 31, 2008

Key : NA = Not Available (data not provided by the CERT-In empanelled Information Security Auditing Organisation), Y = Yes, N = No, Std = Standard.