IT GRC Assessment
IT Governance, Risk, and Compliance (GRC) plays an important role in ensuring your organization maintains an effective operational strategy for managing its overall governance, enterprise risk management, and regulatory compliance efforts. Across Verticals provides comprehensive assessments that ensure your organization stays compliant with regulatory requirements with improved cybersecurity measures.
External Service Provider Assessment (BNM RMIT Appendix 9)
Any new services or major enhancements that are related to e-banking, internet insurance, and internet takaful services require the financial institution’s notification to Bank Negara Malaysia (BNM). These notifications are to be attested along with an independent external party’s assurance that the technology risks and security controls associated with the services have been adequately addressed and implemented.
Across Verticals provides independent assessments on these services or enhancement as an independent External Service Provider (ESP), where we will review the comprehensiveness of the risk assessment performed by the financial institution and validate the adequacy of the control measures implemented or to be implemented, as per the requirements in the BNM RMIT Appendix 9.
We assess the security requirements by breaking down the key areas into specific controls and provide our customers with a comprehensive risk-based assessment that is relevant to the operations and nature of each unique service. We have worked with numerous financial institutions including banks and insurance organizations and provided the attestations.
Cloud Security Risk Assessment
The Cloud plays an essential role in today’s IT infrastructures and applications, as virtualization of systems and assets consumes fewer resources compared to on-premise solutions. While Cloud adoption and migration bring new opportunities, they also bring new and evolving cyber threats. Across Verticals provides a comprehensive assessment ensuring your cloud environment is secured from the latest Cloud cyber threats, including all types of service models such as IaaS, PaaS, or SaaS.
Our consultants are certified in the Certificate of Cloud Security Knowledge (CCSK) from the Cloud Security Alliance (CSA), which ensures our consultants are equipped with a comprehensive and unbiased understanding of how to effectively secure data in the cloud. For financial institutions, we ensure that the assessed controls are in compliance with Cloud security requirements in the BNM RMIT.
Secure SDLC Assessment
A Secure Software Development Lifecycle (SDLC) process is important because it ensures the security assurance of specific activities including architecture analysis, code review, and penetration testing, all of which are integral aspects of the development effort.
To ensure that your security is integrated at every phase of your SDLC, Across Verticals will assess and ensure that adequate governance and operational controls have been implemented in each phase to improve the process of identifying and mitigating security risks throughout the software development process.
IT Audit Readiness
In today’s data-driven business landscape, IT audits are no longer just a regulatory checkbox – they’re a crucial tool for ensuring your digital infrastructure is secure and efficient. IT Audit readiness helps prepare your organization before an external organization does a deeper dive into your systems and processes (IT Audit).
The primary goal when conducting an IT audit readiness assessment is for us to scrutinize every aspect of your organization’s security system and detect any gaps or weaknesses that should be fixed before going for a formal audit and having it highlighted by external auditors.
This assessment focuses on exposing your system’s vulnerabilities in a safe environment, testing your processes rigorously, and scrutinizing your documentation for completeness. At Across Verticals we assist in preparing our customers for the IT Audit while tailoring our solutions to your business’s needs, so once we’ve identified any potential gaps we will help your organization implement long-term solutions that will only further fortify your security systems.
Don’t wait for auditors to uncover your systems’ strengths and weaknesses. Embrace IT audit readiness as a continuous process, and transform potential audit stress into an opportunity for growth and optimization.
SWIFT Customer Security Programme Assessment
Swift’s Customer Security Programme (CSP) helps financial institutions ensure their defences against cyberattacks are up-to-date and effective, to protect the integrity of the wider financial network. Users compare the security measures they have already implemented with those detailed in the Customer Security Controls Framework (CSCF), before attesting their level of compliance annually.
It is a SWIFT requirement to verify compliance with all mandatory controls and provide the attestation to SWIFT. The attestation must be supported with an independent assessment, which Across Verticals provides as per the latest CSCF requirements as an external assessor.
Across Verticals is one of the registered CSP assessment providers in the Swift Partner Programme, where our assessors are equipped with extensive knowledge of the CSP assessment methodology as well as SWIFT components and architecture requirements. You may find us on the CSP Certified Assessors Directory | Swift. Being part of the SWIFT Partner Programme also allows us to work closely with SWIFT, which fosters collaboration, knowledge sharing, and best practice development, enabling us certified assessors to deliver even better CSP assessment services to our customers.
Across Verticals has performed numerous SWIFT CSP Assessments for financial institutions, including regulatory banks. We have also provided independent assessments for organizations located both locally and abroad.
Cybersecurity Awareness Training
An organization’s employees are one of the biggest risks to its cybersecurity. In fact, human error is often considered the leading cause of data breaches. However, an organization’s employees can also be a huge asset for an organization’s cybersecurity. If employees are provided with the knowledge that is required to identify cyber threats; through an effective and engaging security training program, they can act as another line of defense for the organization.
We have designed a mature and comprehensive training syllabus to help your employees maintain their awareness of recent cyber security threats and attacks.
Cyber Capability Maturity Assessment
Your organization’s current cybersecurity strategy and posture may be good but there’s always room for improvement to make it great and stronger than before. As cyber threats evolve, it can be hard to keep up as a new one emerges every day, which is all the more reason why your organization should be ever ready to handle these threats head-on without having your security compromised.
The cyber capability maturity assessment evaluates your organization’s current security practices, policies, and processes. We help you understand where your strengths and weaknesses are and how they can be improved to make sure your security defenses are top-notch and align with the best industry standards.
Across Verticals is here to help you improve your organization’s readiness to deal with these cyber attacks. This assessment gives you a clear benchmark and a proper roadmap on areas for improvement as these vulnerable areas will be the main target for attackers.
Cyber Compromise Assessment
As everything around is becoming more technologically advanced, cyber threats are equally evolving and looming. But how are you supposed to know if your business has already been compromised? Our cyber compromise assessment would be your first line of defense to protect your business from cyber attacks.
A cyber compromise assessment is an extensive evaluation of your organization’s IT infrastructure to detect any signs of ongoing or past data breaches. This assessment helps us comb through all your systems to identify traces of compromisation.
This assessment is crucial for your business because it can help identify any hidden threats that have compromised your systems and are trying to stay undetected and allow your organization to make the necessary efforts to get rid of them. Additionally, this assessment not only helps strengthen your security systems but also prevents future data breaches that could save your organization from large financial losses.
Data Centre Risk Assessment
Data centres play an important role in housing your critical IT infrastructure and sensitive assets. Across Verticals’ Data Centre Risk Assessment (DCRA) services are focused on ensuring that your data centre is secure, resilient, and capable of mitigating potential risks that could affect your business continuity, data integrity, and availability.
We assess your Data Centre in multiple aspects including Network Architecture, Resiliency, Physical Security, Logical Security, Environment Security, Capacity Management, Operations, and Governance management.
Network Resiliency Assessment
It is crucial to ensure your network infrastructure is resilient against any unexpected disruptions or cyber-attacks. Across Verticals’ Network Resilience Assessment (NRA) is designed to identify vulnerabilities and weaknesses in your network’s design, operations, and security, as per industry standards and regulation requirements.
Leave your message and we'll get back to you shortly.