GOVERNANCE, RISK AND COMPLIANCE
We take care of security so that the future of your business is in your own hands.
Governance solutions ensure that IT processes are in line with strategy and policies, and add value to the organization.
With our highly specialized, certified team, we offer our customers services such as carrying out all the process mapping, conformity analysis, and analysis of the cybersecurity risks and policies in your company, thereby guaranteeing security and compliance with national and international legislation and with market frameworks – PCI-DSS, HIPAA, etc.
GRC in numbers
of Brazilian companies do not comply with the GDPR.* (*According to the survey entitled "GDPR in the Brazilian Market")
specialists working on business compliance.
Business interruption and data theft figure among the main targets of cyberattacks.
We deliver specialized services
Services that guarantee businesses’ compliance in the hybrid, digital world, in addition to the integrity of the infrastructure, applications, data and reputation of our customers.
MAINTENANCE OF PCI-DSS CERTIFICATION
– Gap analysis - shows the current status with regard to the requirements of the standard, for planning efforts and investment.
– Premiere Support Audit - specialized TIVIT professionals represent the customer in international certification processes.
DATABASE MANAGEMENT SUPPORT IN ACCORDANCE WITH THE GDPR
– Assessment - preparation and diagnosis of the organization to evaluate maturity and structure a privacy project.
– Implementation - implementation of policies and preventive controls for the privacy and protection of personal data.
– Governance - establishing incident monitoring and support processes to sustain a personal data protection program.
OPERATIONS OBSERVING THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA) FOR HEALTH COMPANIES IN THE AMERICAN TERRITORY
– Health Information Systems - technical support for the implementation of systems specifically developed for the area of health.
– Personal Health Record Protection - protection and control of personal health records (PHR).
– HIPAA Applied Security - implementation of specially designed security to comply with the requirements of North American regulation.
– Quick Assessment - dynamic evaluation for quick gains and definition of priorities.
– Assessment 360 - complete evaluation of the environment, based on renowned methodology (CIS, ISO 27001, COBIT).
– Security Roadmap - assistance in creating a complete roadmap for delivering the task.
– Phishing tests.
– Gamified security training.
– Boot camp - in-house training for recognizing cyber risk.