French version French version Sitemap Sitemap Private AccessLogin
Sécurité Informatique

> Security Audits

IT Security depends of the technical solutions selected. However, none technology can replace an efficient configuration and an accurate management.

Audit Sécurité XMCO

Our methodology's strength is our capacity to audit all layers of your IT infrastructure in order to detect any vulnerabilities and to control the applicability of your security policy.

Our methodology is based on ISO 17799 and now the ISO/IEC 27001:2005, the open methodology OSSTMM and the Best Practices adopted by the network industry.


Some of our lastest security audits :

SMS/MMS/UMTS's platform Audit from an network operateur.

ERP Extranet's platform Audit from a French industry.

Citrix Audit from a important insurance company.


Our audits are planed with the client according to his constraints and on an specific domain. The workload is a function of the number of equipments and softwares. We also integrate penetration tests in our audit methodology.

Contact us



> ISO 27001 assessment

For our customers who are looking forward a certification of their IT systems on the basis of ISO/IEC 27001:2005, Xmco Parners offers various organisational assessment following the ISO referential.


Some ISO 27001 assessments performed by us :

Support services to rise a European Datacenter to ISO 27001.

Pre-assessment of a billing platform for a major Telecom Operator.




Want more informations ? Contact/Email us.



> Sarbanes-Oxley Audits

Since 2005, we have offered to our clients, working with American financial market, to help us with Sarbanes-Oxley Act (SoX, Section 404) and the certification of their IT infrastructure.

We have developped our own methodology to audit IT infrastructure in order to help efficiently our clients before the certification audit : The SoxIT! Methodology.


Our methodology SoxIT! is focusing on the following domains :

  • Installation of monthly and annual process control.
  • Logs and traceability management.
  • ID management.
  • ERP Security : accounts reviews, analysis of profiles, etc.
  • Backup and Disaster Recovery Plan.
  • Private Data Management
  • IT Risk management : Security Update, Antivirus.
  • Hardware management : insurances, inventory, steals


Somes instances of pre-certification Sarbanes-Oxley IT :

sox Audit of the IT infrastructure of an international software editor (USA and branch offices).

sox Audit of the multimedia and accounting platform from an european mobile operator.

Our problems experiments on IT systems and global IT security, according to our clients, ... en général nous place, selon nos clients, comme un partenaire privilégié dans les projets liés à Sarbanes-Oxley.

Contact us

Audits

> Security Audits

go: ISO 27001

go: Sarbanes-Oxley

go: Best Practices



> Other

+ Penetration Testing

+ Contact us