PTA Technologies - Practical Threat Analysis, Threat Modeling and Threat Risk Assessment for Information Technology Systems

<body bgcolor="white"> <h1 align="left"><font face="Verdana" size="1"> <a target="_top" href="http://www.ptatechnologies.com/">Home Page</a></font></h1> <h1 align="center"><font face="Verdana" size="1">PTA Qualified Partners Directory </font></h1> <p><font face="Verdana" size="1"><b>PTA Qualified Partners Directory</b> is a world-wide list of expert security consulting groups with proven experience in using the Practical Threat Analysis methodology and tools for risk assessment and compliance projects. Feel free to contact one of our qualified partners for getting tips and assistance in your risk analysis missions and add value to your service proposition.</font></p> <blockquote> <p align="left"><font face="Verdana" size="1"><b>USA & North America:</b><br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Netsecuris"> Netsecuris Inc.</a> - Security "one-stop shop".<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Treadstone 71"> Treadstone 71</a> - Focuses on prevention.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#HolisticInfoSec"> HolisticInfoSec.org</a> - Sharing infosec content and resources.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#JC Hanlon Consulting"> JC Hanlon Consulting, Inc.</a> - Information security for businesses.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Software Assocites"> Software Associates Ltd.</a> - Software security specialists.<br> <b>Africa:</b><br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Logiciel Information Security"> Logiciel Information Security Solutions Ltd</a> - Active lifecycle security.<br> <b>Central America:</b><a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#E.DIZ Actuarial Consulting"><br> E.Diz Actuarial Services & Consulting</a> - Statistics for strategic planning.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Nemesis"> Nemesis</a> - Security consultancy for information technologies.<br> <b>England & Europe:</b><br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Help2 Information Security"> Help2 Information Security</a> - Information security consultants.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Deloitte Turkey"> Deloitte Turkey</a> - Security and privacy services.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Control Policy"> Control Policy Group</a> - Information security management.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#InfoSecur"> InfoSecur</a> - IT security and cybercrime investigations.<br> <br> <b>Russia:</b><br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Pavel Khizhnyak"> Pavel Khizhnyak Security Consulting</a> - Experts of ISMS.<br> <b>Israel & Middle East:</b><br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Open Solutions"> Open Solutions</a> - Customer data protection.<br> <b>Australia & Far East</b><br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#VTechnologies"> VTechnologies P/L</a> - Specialists in IT security reviews.<br> <a href="file:///C:/Users/ML2/AppData/Local/Microsoft/Windows/Temporary%20Internet%20Files/FrontPageTempDir/pvw3.htm#Thailand Productivity Institute"> Thailand Productivity Institute</a> - Achievements by means of productivity.<br>  </font></p> </blockquote> <p align="left"><font face="Verdana" size="1">Contact <a href="mailto:sales@ptatechnologies.com?subject=PTA Qualified Partner Program"> Marina Radinovsky</a> for more details on how to <a href="mailto:sales@ptatechnologies.com?subject=PTA Qualified Partner Program"> join the PTA Qualified Partner Program</a>.</font></p> <p align="left"><font face="Verdana" size="1"> </font></p> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Netsecuris" href="http://www.netsecuris.com">Netsecuris Inc</a> is a premier provider of information security and technology support service since 2000. The company has the expertise to maintain and secure the most complex information technology systems used today and tomorrow. <br> <br> Netsecuris partners with customers to assess threats to their organizations and improve the defensible position of their networks. A defensible network is an information architecture that is well maintained, closely monitored and controlled, as well as up to date.</font></p> <p><font face="Verdana" size="1">Services provided are: </font></p> <ul> <li><font face="Verdana" size="1">Managed Security - Managed Firewall, Managed Intrusion Prevention, Managed Email Security and Security Event, Log Monitoring. </font></li> <li><font size="1" face="Verdana"><span dir="ltr">Information Security Assessments -</span> Penetration Testing, Vulnerability Assessments. </font> </li> <li><font face="Verdana" size="1"><span dir="ltr">Information Systems Risk Assessments</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Secure Network and System Design</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Information Security Consulting: Security Policy and Procedure Development, Business Continuity and Disaster Planning</span>. </font></li> </ul> <p><font face="Verdana" size="1">We use the Practical Threat Analysis methodology and product during our Risk Assessments services.</font></p> <p><font face="Verdana" size="1"><br> <u><a href="mailto:ljacobs@netsecuris.com">Contact</a></u>  Leonard Jacobs MBA, CISSP, MCP, CSSA <a target="_blank" href="http://www.netsecuris.com"> www.netsecuris.com</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+1-952-641-1421</font></p> <p><font face="Verdana" size="1">13278 Webster Avenue Savage, MN 55378</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:ljacobs@netsecuris.com">ljacobs@netsecuris.com</a> </font> </p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Treadstone 71" href="http://www.treadstone71.com"> Treadstone 71</a> services improve the stability, maturity, and overall risk posture of your organization no matter how large or small. We are proven to drive down your security costs while enhancing your security posture and bringing your risk-based message to the boardroom. <br> <br> Our services ensure you provide timely, reliable and cost effective security and risk management solutions that safeguard and protect information while using a holistic, defense in depth, risk-based approach to your program. </font></p> <p><font face="Verdana" size="1">Treadstone 71 balances the effectiveness of the information protection required relative to the sensitivity of the data and the dollars available. We use the PTA toolset in our overall Risk Assessment efforts that traverse multiple offerings. </font></p> <p><font face="Verdana" size="1">Treadstone 71 is owned and operated by <a target="_blank" href="http://blogs.csoonline.com/blog/jeff_bardin?q=user/48"> Jeff Bardin</a>. The company has experience in Aerospace, Federal Government, Insurance, Financial Services, Healthcare, Hospitality, Managed Service Providers, and Education.  <br>  </font></p> <p><font face="Verdana" size="1"><u><a href="mailto:info@treadstone71.com"> Contact</a></u> Jeff Bardin <a target="_blank" href="http://www.treadstone71.com">www.treadstone71.com</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">1-888-687-8450     508.519.0363 Fax</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:info@treadstone71.com">info@treadstone71.com</a><a href="mailto:sales@software.co.il"> </a></font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Logiciel Information Security" href="http://www.logiciel-inc.com"> Logiciel Information Security Solutions Ltd</a> is an Information Security services firm offering a diverse portfolio of services including security training and certification, penetration testing, computer forensics as well as risk management and Practical Threat Analysis (including ISO27001). <br> <br> Established in 2002 by experienced security professionals, Logiciel is independent of IT security vendors and their products, bringing the benefit of impartiality and allowing us to enable clients with the appropriate tools and knowledge necessary to secure their systems. </font></p> <p><font face="Verdana" size="1">Information Security concerns all organizations to varying degrees and Logiciel's client list includes firms from the banking, telecom, oil, pharmaceutical and entertainment sectors. We focus on a risk management approach to engineer effective security solutions that enhance our clients’ operations.  <br>  </font></p> <p><font face="Verdana" size="1"><u><a href="mailto:cesedo@logiciel-inc.com"> Contact</a></u> Cyril Esedo, CTO <a target="_blank" href="http://www.logiciel-inc.com">www.logiciel-inc.com</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+234-1-4738002    +234-1-7602038    +234-8053167189 </font></p> <p><font face="Verdana" size="1">13 Ayodeji Otegbola Street, Gbagada Phase 2, Lagos, Nigeria</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:cesedo@logiciel-inc.com">cesedo@logiciel-inc.com</a><a href="mailto:sales@software.co.il"> </a></font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="HolisticInfoSec" href="http://www.HolisticInfoSec.org"> HolisticInfoSec.org</a> is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve InfoSec for all who seek to do so. </font></p> <p><font face="Verdana" size="1">Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in ISSA Journal's <a target="_blank" href="http://holisticinfosec.org/content/view/12/26/"> toolsmith</a>. As well we know, those who would do harm never rest: protect your own. </font></p> <p><font face="Verdana" size="1">Holisticinfosec.org's Russ McRee incorporates Practical Threat Analysis as part of vulnerability research and penetration testing engagements.</font></p> <p><font face="Verdana" size="1"> </font></p> <p><font face="Verdana" size="1"><u> <a target="_blank" href="http://holisticinfosec.org/component/option,com_contact/Itemid,3/"> Contact</a></u>  Russ McRee at <a target="_blank" href="http://www.HolisticInfoSec.org">www.HolisticInfoSec.org</a> </font></p> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="JC Hanlon Consulting" href="http://WWW.JCHCI.COM">JC Hanlon Consulting, Inc. (JCHCI)</a> is a premier security consulting and services firm reaching out to organizations of all sizes. Each member of our senior management team has practical experience working through real issues as security officers and operations managers from Fortune 150 companies to small enterprises. We provide a complete spectrum of security consulting and services including: </font></p> <ul> <li><font face="Verdana" size="1">SAS 70, FFIEC, GLBA, PCI, SOX, C-TPAT and other Audit Preparedness services. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">Security Policy and Procedure Development</font></span></font><font face="Verdana" size="1">. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Secure Systems Architecture Design</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Business Impact Analysis & IT Risk Assessments and Practical Threat Analysis</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Ethical Hacking, Penetration Testing & Social Engineering Exercises</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Security Event Log Monitoring (SELM) Services</span>. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">Business Continuity, Disaster Recovery and Incident Response Planning and Digital Forensics</font></span></font><font face="Verdana" size="1">. </font></li> <li><font face="Verdana" size="1">Intrusion Detection and Prevention Solutions. </font></li> <li><font face="Verdana" size="1">Managed Security Services. </font></li> <li><font face="Verdana" size="1">CCTV and Integrated Facility Access and IT Single Sign-on (Physical Logical Access Controls). </font></li> <li><font face="Verdana" size="1">Facility & Data Center Security Design. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">Security Policy and Procedure Development</font></span></font><font face="Verdana" size="1">. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Training Solutions and Product Conformity Testing</span>. </font></li> </ul> <p><font face="Verdana" size="1">Our programs are based upon internationally accepted security standards and best practices (i.e. ISO27001/ISO27002, CoBiT, ITIL and others). While JCHCI embraces these standards and practices, it is our view that any practical solution must be articulated by our client’s business needs, culture, and economic situation.</font></p> <p><font face="Verdana" size="1"><br> <u><a href="mailto:INFO@JCHCI.com">Contact</a></u>  James C. Hanlon Jr. , Chief Executive Officer  <a target="_blank" href="http://WWW.JCHCI.COM">www.JCHCI.com</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+1 (586) 435-6231     +1 (586) 435-6245 Fax</font></p> <p><font face="Verdana" size="1">52611 Jessie Dr. Chesterfield, MI 48051-3719</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:INFO@JCHCI.com"> info@JCHCI.com</a> </font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Deloitte Turkey" href="http://www.deloitte.com.tr/security"> Deloitte Turkey</a> is a member firm of Deloitte Touche Tohmatsu. Deloitte Turkey provides its security services in 7 service lines, combining people, process and technology aspects of security in providing security management and technical security solutions: </font></p> <ul> <li><font face="Verdana" size="1">Security Management. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">Vulnerability Management</font></span></font><font face="Verdana" size="1">. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Identity and Access Management</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Infrastructure and Operations</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Privacy and Data Protection</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Business Continuity Management</span>. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">Application Integrity</font></span></font><font face="Verdana" size="1">. </font></li> </ul> <p><font face="Verdana" size="1">We employ PTA as a practical tool in risk assessment phase of our security management engagements which is the most crucial component in any information security management system.</font></p> <p><font face="Verdana" size="1"><br> <u><a href="mailto:tr.security@deloitte.com">Contact</a></u>  Deloitte Turkey Security & Privacy Services <a target="_blank" href="http://www.deloitte.com.tr/security"> www.deloitte.com.tr</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+90-212-366-63-02</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:tr.security@deloitte.com">tr.security@deloitte.com</a> </font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="E.DIZ Actuarial Consulting" href="http://www.ediz.com.ve/HomePage.aspx"> E.Diz Actuarial Services & Consulting</a> is considered as one of the first Venezuelan consulting groups with high technical level and expertise. The firm is engaged in actuarial and statistical consulting with more than 14 years in operation, providing each of our clients with professional risk assessment services and technical advice to warrant their best investment. <br> <br> We implement a system of periodic visits to each of our clients’ sites (made by a senior officer) in order to asses the local concerns and provide quick mitigation to prioritized problems, thus maintaining a dynamic way of Practical Threat Analysis with the highest level of service and communication. With our advanced data processing simulation packages and PTA threat modeling and risk management tool, we follow up on the details of every process, and provide the best specific advisories that support and facilitate our clients’ decisions and asses the service received. </font></p> <p><font face="Verdana" size="1">The company is specializing in serving the Banking, Finance, Electric Power, Insurance<br> Manufacturing and Petroleum industries. Among our clients are Shell, British Petroleum, CADAFE, Enerven, Enelbar, IESA, Banco Federal, Nestle, Chevron, Heinz, Raytheon Engineers, Avon and many other <a target="_blank" href="http://www.ediz.com.ve/Clientes.aspx">leading enterprises</a> in Central America. <br> <br> <u> <a href="mailto:evaristo_diz@ediz.com.ve?subject=Statistical Security Consulting"> Contact</a></u> Professor Evaristo Diz, CEO and Chief Analyst <a target="_blank" href="http://www.ediz.com.ve/HomePage.aspx">www.ediz.com.ve</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+58-212-985.7207</font></p> <p><font face="Verdana" size="1">+58-212-985.9675</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:evaristo_diz@ediz.com.ve?subject=Statistical Security Consulting"> evaristo_diz@ediz.com.ve</a><a href="mailto:sales@software.co.il"> </a> </font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Help2 Information Security" href="http://www.help-2.com"> Help2 Information Security</a> provides Information Security expertise around ISO27001. With over 9 years experience we can assist with all ISO27001 requirements, from SOA through to implementation. Having a qualified ISO27001 Lead Auditor (also MCP and CEH) allows us to tailor your requirements and ensure they are 100% compliant. </font></p> <p><font face="Verdana" size="1">Help2 has extensive knowledge of various security products and is compiling a growing number of specific tools to aid customers security efforts. We use PTA Professional as part of our review process to highlight the risks in your systems. As we specialise in ISO27001 we utilise the ISO27001 library for PTA. </font></p> <p><font face="Verdana" size="1">We have experience in the Investment and Retail Banking arenas and also within a UK Utility Company.</font></p> <p><font face="Verdana" size="1"> </font></p> <p><font face="Verdana" size="1"><u> <a target="_blank" href="http://www.help2.co.uk/index.php?option=com_dfcontact&Itemid=37"> Contact</a></u>  Steve Boydon, CEH, MCP, ISO 27001 Lead Auditor at <a target="_blank" href="http://www.help2.co.uk">www.help2.co.uk</a> </font></p> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="VTechnologies" href="http://members.iinet.net.au/~vtk/security.html"> VTechnologies P\L</a> is an IT Systems Integration and Support company based in Queensland, Australia. We provide public and private sector clients with deep hands-on expertise in IT security, facilities, project and applications development as follows: </font></p> <ul> <li><font face="Verdana" size="1">Security Operations Group - IT Security Reviews, Information Security Governance Programs, Threat & Risk Assessment with PTA methodology and tool. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">F</font></span></font><font face="Verdana" size="1">acilities Management Group - Data Centre Management, MIMS, Oracle, and Unix/Linux Systems Management. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">P</font></span></font><font face="Verdana" size="1">roject Management Group - Our team of Chartered Accountants and Auditors support high-quality IT and finance system implementations. </font></li> <li><font face="Verdana"><span dir="ltr"><font size="1">A</font></span></font><font face="Verdana" size="1">pplications Development Group - Custom application development, specializing in Oracle databases. </font></li> </ul> <p><font face="Verdana" size="1">We employ the Practical Threat Analysis security methodology & tool to provide services in the Asia Pacific region providing clients with faster and more cost effective Security Threat & Risk Analysis services. </font></p> <p><font face="Verdana" size="1"><br> <u><a href="mailto:info@vteks.com">Contact</a></u>  VTechnologies P\L <a target="_blank" href="http://www.vteks.com">www.vteks.com</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+61-0413-308-205</font></p> <p><font face="Verdana" size="1">PO Box 2064, Runcorn, QLD. 4113 </font></p> <p><font face="Verdana" size="1">email: <a href="mailto:info@vteks.com"> info@vteks.com</a> </font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Pavel Khizhnyak" href="mailto:isec.consulting@gmail.com?subject=PTA Security Consulting"> Pavel Khizhnyak Security Consulting</a>  - Specializes in threat analysis and security audit projects for leading banks and financial institutions in the Republic of Belarus. The firm has developed and implemented a full international standard-based Information Security Management System based on PTA Professional infrastructure and calculative engine. The solution is implemented in full conformity with PCI DSS and ISO 27001 and the ISO 17799 standards.<br> <br> Pavel Khizhnyak has an impressive experience in information security and is well familiar with the special needs of financial organizations regarding the protection of their clients’ data integrity and confidentiality. Pavel will be happy to share his experience with PTA users world-wide.<br> <br> <u><a href="mailto:isec.consulting@gmail.com?subject=PTA Security Consulting"> Contact</a></u> Chief Analyst, Belarus - Pavel Khizhnyak at:</font></p> <blockquote> <p><font face="Verdana" size="1">+375 (296) 511-323</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:isec.consulting@gmail.com?subject=PTA Security Consulting"> isec.consulting@gmail.com</a></font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" href="http://www.software.co.il/content/view/227/77/"> Software Associates Ltd.</a> is a professional global consultancy that works with companies seeking to reduce their security costs. Our expertise enables a business to analyze, mitigate and optimize their operational risk. <br> <br> Software Associates IT Audit programs are specially tailored for C-level executive staff at publicly-traded companies that must comply with Sarbanes-Oxley and financial institutions that must comply with Basel-II or Solvency-II for insurance companies. </font></p> <p><font face="Verdana" size="1">Our operational risk management methodology employs PTA for quantitative threat modeling of critical business functions in order to ensure that the model is a robust reflection of reality. Our recommendations for optimized risk mitigation plans are stated in dollars, in a language that senior executives and the board can understand. We work with our executive staff clients throughout the entire life cycle of operational risk management from data collection, through risk modeling, mitigation and monitoring of risk profile. We supervise implementation of security countermeasures and delivery of timely reporting of risk control costs and implementation status. <br> <br> <u><a href="mailto:sales@software.co.il">Contact</a></u> the Software Associates sales information center at:</font></p> <blockquote> <p><font face="Verdana" size="1">+1-301-841-7122</font></p> <p><font face="Verdana" size="1">+972-8-970-1485 (Outside the US) </font> </p> <p><font face="Verdana" size="1">email: <a href="mailto:sales@software.co.il">sales@software.co.il </a></font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Nemesis" href="http://www.auditor-ti.com">Nemesis, Gobierno y Seguridad en Tecnologias de la Información</a> is a world-class security service consultancy for information technologies located at Mexico City: </font></p> <ul> <li><font face="Verdana" size="1">CISA, CISM, CCNA, CEH, certified team members with <span dir="ltr">seven years of experience in the IT governance, control and security arena</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Work experience with 100 Fortune companies from different sectors: automotive, manufacturing, mortgage, marketing, logistics, financial and automation/robotics (industrial controls) environments.</span> </font></li> <li><font face="Verdana" size="1"><span dir="ltr">We employ security and risk assessment methodologies, standards and regulations: PTA - Practical Threat Analysis for Cobit, ISO 27001, Sarbanes Oxley and NIST</span>. </font> </li> </ul> <p><font face="Verdana" size="1">All our services are based on practical threat risk assessment to avoid unnecessary controls, costs, and stressing to the organization. Our services cover the following: </font></p> <ul> <li><font face="Verdana" size="1">IT organization - management, systems development, help desk and operations. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">IT Infrastructure - data centers, networks, servers and DBMS</span>. </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Security of business, manufacturing and automation applications.</span> </font></li> <li><font face="Verdana" size="1"><span dir="ltr">Security policies, standards and procedures as well as processes audit, risk assessment, business impact analysis, vulnerability assessment, disaster recovery plan, business continuity plan and information security strategy</span>. </font> </li> <li><font face="Verdana" size="1"><span dir="ltr">IT third party assessment and training</span>. </font></li> </ul> <p><font face="Verdana" size="1"><u><a href="mailto:jlaparicio@auditor-ti.com"> Contact</a></u>  Jose Luis Aparicio C. CISA, CISM <a target="_blank" href="http://www.auditor-ti.com">www.auditor-ti.com</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+52-55-5896-3176</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:jlaparicio@auditor-ti.com">jlaparicio@auditor-ti.com</a> or <a href="mailto:lmorenor@auditor-ti.com">lmorenor@auditor-ti.com</a></font></p> </blockquote> <hr> <p> <a target="_blank" name="Control Policy" href="http://www.controlpolicy.com/services"> <font face="Verdana" size="1">Control Policy Group </font></a> <font face="Verdana" size="1">- Experts in PTA and ISO 27001/2 standard to help client assess enterprise risk and build sustainable information security management framework. Such way is accepted by client as logical because final responsibility for IT risk lies with security officer who reports to management board in Poland. </font></p> <p><font face="Verdana" size="1">Security officer must show that policies, plans and procedures, skills and expertise training operate in such way that responsibility and accountability follows hierarchy of organization from line operation to board level. <br> <br> Due to internal regulations "big" prospects like insurance companies and telecom providers must comply with standard risk assessment of Information Security Management BS 7799.2:2002/ ISO 27001/27002 and prove that institution has set out the organisational approach to managing information security. Contact us for more information.<br> <br> <u><a href="mailto:maciej.l@controlpolicy.com">Contact</a></u> Sales manager, Poland - Maciej Lewandowski <a target="_blank" href="http://www.controlpolicy.com">www.controlpolicy.com</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+48-608-293030</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:maciej.l@controlpolicy.com?subject=ISO 27001/2 consulting"> maciej.l@controlpolicy.com </a></font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" href="http://www.opensolutions.co.il/content/view/28/32/"> Open Solutions</a> knows that most data security breaches stem from internal, not external threats. A younger, hip, technology-savvy workforce, organized crime, and poor hiring and screening practices are the key contributors to employee fraud. <br> <br> The founders have been involved in the field of trusted insider threats and data leakage since 2002 and have practical hands-on experience with commercial organizations of all sizes in the US, Middle East and Europe. Open Solutions eRisk(TM) is a 48 hour data security risk assessment that uses PTA and Fidelis Security Systems XPS to monitor outgoing traffic and build a clear picture of threats that exploit vulnerabilities of critical customer data assets. </font> </p> <p><font face="Verdana" size="1">Open Solutions PTA for PCI DSS package is an ideal solution for consultants to performance cost-effective PCI compliance audits for smaller merchants.<br> <br> <u><a href="mailto:yuvala@opensolutions.co.il">Contact</a></u>  Yuval Avital, VP Business Development for projects and partnerships <a target="_blank" href="http://www.opensolutions.co.il">www.opensolutions.co.il</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">+972-525-311-790</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:yuvala@opensolutions.co.il">yuvala@opensolutions.co.il</a> </font></p> </blockquote> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="Thailand Productivity Institute" href="http://www.ftpi.or.th/Home/tabid/36/Default.aspx"> Thailand Productivity Institute</a> - Training and consulting services: defend, support and promote a principle of productivity. </font></p> <p><font face="Verdana" size="1">Due to the Computer Crime law, many firms in Thailand need experts and security solutions to help them comply with the regulation. ISO/IEC 27001- Information Security Management is used in a wide range of industries and government institutions to provide confidentiality integrity and availability. Security breaches raise security awareness among CIO and non-IT professionals to protect information assets properly.  </font></p> <p><font face="Verdana" size="1">We use PTA as a great tool to manage risks identified in the scope of ISMS implementation.<br> Ease of use and very nice ISO27001 library help us save more time to reduce things to do in risk assessment process. PTA also generates very good reports in many views which help manage risks based on analyzed data.<br> <br> <u><a href="mailto:pryn@ftpi.or.th">Contact</a></u>  Pryn Sereepong, ISMS/ISO27001 Lead auditor <a target="_blank" href="http://www.ftpi.or.th/Home/tabid/36/Default.aspx"> www.ftpi.or.th</a> at:</font></p> <p><font face="Verdana" size="1">12-15th fl. Yakult Building 1025 Pahonyothin Rd. Bangkok 10400 Thailand.  </font></p> <p><font face="Verdana" size="1">+66-2-6195500</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:pryn@ftpi.or.th"> pryn@ftpi.or.th</a> </font></p> <hr> <p><font face="Verdana" size="1"> <a target="_blank" name="InfoSecur" href="http://www.infosecur.cz">InfoSecur</a> is an independent consultancy firm specializing in IT security and investigations of cybercrime. The company is managed by Mr. Jindrich Hlavaty who has over 15 years of experience with IT security and cybercrime investigating. </font></p> <p><font face="Verdana" size="1">InfoSecur implements standard-based Information Security Management System on the foundation of ISO 27000 family of standards and has great expertise in making audits of security systems.  </font></p> <p><font face="Verdana" size="1">By virtue of using the Practical Threat Analysis security methodology & tool, InfoSecur provides professional and effective Security Threat & Risk Analysis services for clients in the Czech Republic and in Central Europe.<br> <br> <u><a href="mailto:info@infosecur.cz">Contact</a></u>  Jindrich Hlavaty <a target="_blank" href="http://www.infosecur.cz">www.infosecur.cz</a> at:</font></p> <blockquote> <p><font face="Verdana" size="1">Topolova 646, 28924 Milovice, Czech Republic.  </font></p> <p><font face="Verdana" size="1">+420-776-166-833</font></p> <p><font face="Verdana" size="1">email: <a href="mailto:info@infosecur.cz"> info@infosecur.cz</a> </font></p> </blockquote> <hr> <p align="center">  </p> <p align="center"> <font face="Verdana" size="1"> ***</font></p> <p align="center"> </p> <p align="center"><font face="Verdana" size="1"> <a target="content" href="CommentsFrameset.htm"><b>PTA Professional Forum</b></a><br> <a target="_top" href="http://www.ptatechnologies.com/">Home Page</a></font></p> </body>