• BASIL II
• Bill 198 - Canadian Sarbanes Oxley
• CISA (ISACA)
• GLB
• CobiT
• ISF
• ITIL

• NERC CIP
• NIST PIPEDA
• PCI DSS readiness
• RCMP / CSE TRA
• Sarbanes Oxley, SOX
• Canadian SOX or C-Sox
• GDSN compliance for GS1 data pools

Compliance Audit Checklist

• Specific control points within the standard to be audited
• Business drivers for the selected control points
• Policy and Procedures
• Operational Security
• Asset Classification and Control
• Personnel Security
• Physical and Environmental Security
• Access Control
• Network Security
• Application and Database Security
• Incident Management
• BCP / DRP
• Governance
• Compliance Audit Report
  • violations / vulnerabilities
  • remediation
    risk level
  • evidence
  • cross index with standard
  • Compliance certification opinion letter or assistance with completion of compliance certificate

• CISSP, CISM designated auditors.
• Extensive experience identifying IT and Internet security vulnerabilities and correlating them with compliance control points within standards.