RISK MANAGEMENT SERVICES
In today’s climate, every penny counts. Designing a budget to identify, minimise and cost-effectively
manage the threats to your businesses information assets is hard enough without having to navigate
through the sea of consultancies offering differing and complex assessment, testing and maintenance
services at wildly varying prices. Unfortunately, the scope and value of the information security
risk management services you purchase are never really understood until well after they are delivered.
BOSH ends all this by establishing clear and concise information risk management service deliverables
based upon established industry best practices and simple transparent pricing formulas so you know the
value before you purchase. The result is value for money and absolutely no surprises to your budget.
BOSH can design, deliver and most importantly guarantee your DPA, PCI, FSA, ISO or other compliance programs.
Seasoned and certified Information Security Professionals with hands-on skills and experience in delivering
gap analyses, remediation and validation services across a wide variety of industries can help you reach your
Each of our life-cycle services from threat and risk assessments, policies and procedures, security penetration
and vulnerability testing to business continuity and disaster recovery planning can be ordered to meet your exact
Additionally, our solutions portfolio can be backed by our 100% “Factory Warranty" which covers your business in
the event of a security incident or breach.
Information is a vital business asset. Any business that wants to be trusted, competitive and profitable
in today's marketplace must protect its information assets from risk. Implementing integrated and effective
information risk management practices are also required by legislation, regulation and industry recognised
Implementing an information risk management program can be simple or difficult depending on the complexity
of your organisation and supporting systems. To be effective however, it must be customised to your processes
and result in a level of risk suitable to your business objectives.
Information risk management is comprised of three basic processes: identifying the threats to your information,
minimBOSHng those threats and managing them on a day-to-day basis.
The first step is critical and BOSH offer a comprehensive portfolio of services designed to help you identify
the specific threats to your information.
These services include:
Network Security Audits
3rd Party Supplier Security Audits
Data Leakage Testing
Network Vulnerability Assessment Scanning
Network Security Penetration Testing
Application Security Penetration Testing
Application Code Security Auditing
Cloud Computing Security Auditing
Compliance Framework Gap Analyses (ISO, PCI, DPA, FSA and others)
Compliance Framework Validation (ISO, PCI, DPA, FSA and others)
For full service level agreements detailing service specifications, scope and deliverables for any
of the above services or to place an order, contact BOSH:
Baseline Information Threat Assessments & Risk Analyses
Unfortunately you cannot completely eliminate risk. There will always be an element of security risk to
your information present regardless of the controls you implement to protect it. You can however reduce
this risk to an acceptable level for your business. Once you have identified the security threats to your
information assets, the next step is to minimise these threats to the greatest extent possible.
BOSH has a portfolio of cost-effective services to help you minimise the threats to your business information
assets ensuring their confidentiality, integrity and availability.
Information Security Policies: Network & End User
Information Security Awareness & Training
Application Secure Development Life Cycle Policies & Training
Business Continuity Planning & Testing
Disaster Recovery Planning & Testing
Emergency Response &CrBOSHs Management Planning & Testing
Network Security Penetration Testing Remediation
Application Security Penetration Testing Remediation
Compliance Program Gap Remediation (ISO, PCI, DPA, FSA and others)
BOSH can also provide any of the above services on a project or program basis customised to meet your
Contact us for more information and to schedule a confidential, no obligation Risk Review Meeting to
discover how we can help you minimise the threats to your business or project.
After you have identified and minimised the threats to your information assets, you must now effectively
manage them on a day-to-day basis. Additionally, you must keep current with new threats and how they could
impact your business.
BOSH has a market leading portfolio of cost-effective services to help you manage the threats to your business
information assets ensuring their on-going confidentiality, integrity and availability.
Security as a Service
This service allows you to outsource all or parts of your information risk management program to the
professionals saving valuable time and resources. BOSH can deliver virtually any requirement you may have
aligned to specific metrics to confirm implementation and effectiveness.
• Security Awareness Training
• 3rd Party Supplier Risk Management
• Security Vulnerability Scanning & Remediation
• Security Penetration Testing & Remediation
• Business Continuity Testing & Remediation
• Virtual Information Security Professional
management systems certification
occupational safety health