Security Consulting

Services from diverse industries are increasingly of­fered via public networks. Organizations, tech­niques and workflows need to be adapted to the new cir­cum­stances. In this respect risks have to be iden­ti­fied and essential catalogues of coun­ter­mea­sures and Es­ca­la­tion concepts have to be cus­tom­ized and im­ple­mented.

NOVOSEC analyses applications, systems and work­flows considering the organizational, technical and legal frameworks, detects and evaluates risks and con­cisely devises appropriate countermeasures.

Security Audit

Independent of considering a single application or whole System areas, the risks need to be determined and appropriate technical, organizational or pro­ce­dur­al measures have to be taken. This does not only affect new applications but also existing solutions, which need to be adapted to the new circumstances. The complexity increases if whole System areas are outsourced. The more companies, organizational and contractual Rules and Regulations involved, the more activities have to be augmented especially due to tech­ni­cal changes. Considering the policies and stan­dards we define and check controls and then build up the corresponding Compliance and Approval man­age­ment. Risks will be evaluated and traced in a so-

called Risk Register over the whole life time of the application.

Sarbanes-Oxley Act (SOx)

Sarbanes-Oxley Act (SOx) was enacted in order to protect investors in the Capital market. It demands comprehensive evidence of the efficiency of internal controls from all enterprises listed on U.S. Stock exchanges. Both for IT areas as for financial de­part­ments existing Control systems need to be enhanced to be SOx compliant and maintained for SOx-com­pli­ance. NOVOSEC supports you by establishing an ef­fi­cient Compliance process, define corresponding SOx controls and derive together with you which measures have to be implemented.