Security Compliance

In partnership with ZINAD Consulting, our services include developing ISO 27001-compliant policies and procedures, risk assessment, and gap analysis to show our customers their current security posture. We also offer a standardized methodology for PCI certification. Through our PCI audit team of qualified personnel, we can clearly segregate your PCI scope.

We bring qualified security experts who will work with you to assess your organization’s exposure to information security risk. This assessment can address both technical and non-technical controls and business processes and can be used to feed into your compliance processes (e.g. as required by both PCI DSS and ISO 27001).

Brilliant Associates can take full responsibility for fulfilling any of the required compliance processes for you:

  • Risk Assessment


    Risk assessment is the process of assessing risks and making sensible, accountable decisions about the handling of those risks. Risk has three components: vulnerability, threat, and impact (the consequences of the threat being realized, which depend directly on the asset value). The impact might affect confidentiality, availability or integrity. Time may also be a critical factor in determining impact.

  • Gap Analysis


    A secure SDLC Gap Analysis identifies key points within your SDLC to introduce or refine security activities. It also provides recommendations for improved tool usage and skills development. The result is a step-by-step roadmap to foster good security habits as part of each team member's behavior.

  • Implementation


    When the security policies and procedures have all been drawn up, revised, updated and agreed upon, the implementation process should be followed to put the specific information security policies and procedures into practice. This is usually harder than creating the policies and procedures, because at this stage the customer also needs to coach and educate their staff to behave in a "secure" manner, following each of the core elements set out in the formal security policies and procedures.

  • IS Policy Development



    The policy development process must be executed as a collaborative effort between key organization personnel and our policy development team. The following process will be followed:

    - Establishing the security policy review team. This is a joint team of organization staff as well as key personnel from our policy development team.
    - Formulate the detailed scope and goals of the above-mentioned policies.
    - Fact collection and interviews with employees.
    - Our team will develop the first draft.
    - Presentation for key end-users and feedback solicitation.
    - Final document development and review.

  • Security Awareness


    During this phase, our consultant will review the current awareness program, review awareness presentations and materials, and set up the awareness program plan.

  • Certification


    During this phase, our consultant will review the current awareness program, review awareness presentations and materials, and set up the awareness program plan.