digitalage.co.indigitalage.co.in/files/brief profile 270910.doc · web viewway2wealth brokers pvt....

IT Security Solution Providers & IS Auditors IT Security Solution Providers & IS Auditors Corporate Office # 204, “Lakshminarayan Complex”, 2nd Floor, Panduranganagar Opp HSBC, Bannerghatta Road, Bangalore 560 076Ph : 91-080-26485148, 41503825, 41218560 Mobile : 9448088666, 9448055711 Email :- [email protected], [email protected]

Profile of Digital Age

OUR MISSION

To offer our Customers high quality IS Audit and Information Technology Consultancy Services, Management Consultancy, BPO services and Training relating to professional courses, soft skills that will positively impact their revenues and provide tangible benefits that enhance their competitive advantage.

OUR MOTTO

“Business with

Wisdom and Growth with Assurance.”

OUR VISION

“To be amongst top 10 leaders in IT Security Audit and Consultancy Services in India by 2015 and globally by 2020”.QUALITY POLICY:

We have a very clearly defined & simple quality policy that states that “We should endeavor to be the best in our areas of operations by:

Ensuring Total Customer Satisfaction all times by following best practices.

Empowering our “People Resources” to take pride themselves and the ownership of Quality.

Endeavoring to create an Entrepreneurial Environment to conduct meaningful business.”

The Company was incorporated with CISA, CISSP, ISO9001 & ISO 27001 IRCA Certified Lead Auditors as Promoter Directors. The Directors and consultants have vast experience in various fields like ISO 9001 Certification, ISO 27001 Certification, IT Security /IS Audits, Consultancy, Training, BPO activities etc.

DIGITAL AGE has the strengths and ability to design and deliver IT Security Management Solutions with scale and longevity where risks are finally mitigated in the process by leveraging available enterprise resources for turnaround and major security management experience to our clients.

IT Security Solution Providers & IS Auditors IT Security Solution Providers & IS Auditors

DIGITAL AGE has an exclusive Quality & IT Security Department with CISAs, ISAs, CISSPs, CISM qualified professionals. Digital Age has Professionals who are ISO 27001 IRCA, UK Certified ISMS Lead Auditors, ISO 9001:2000 IRCA, UK Certified Lead Auditors, ISO 20000 Lead Auditors, ISO 14000 Lead Auditors and Certified Software Quality Analyst (CSQA) well experienced in the Finance, Banking & IT domains. Our Professionals are capable of implementing IT Security Certification, ISO Quality Certification, Software Audits and software development life cycle. We also have professionals with technical knowledge who can take up network auditing and vulnerability and penetration testing assignments.

DIGITAL AGE - SERVICES

Digital Age is empanelled as IT SECURITY AUDITORS by CERT-In, Ministry of Communications & Information Technology, Department of Information Technology, Government of India, New Delhi for full scope IT Security Audit.

Digital Age is empanelled as IT SECURITY AUDITORS by the Controller of Certifying Authorities (CCA), Ministry of Communications & Information Technology, Department of Information Technology, Government of India, New Delhi.

Our services include wide range of Information Technology & Quality related activities which are as under.

IT SECURITY AUDITSIT SECURITY AUDITS

1. Audit of Vulnerability assessment and penetration testing of networks.2. BCP/DRP Implementation / Audit.3. Due Diligence System Audit.4. Forensic and fraud detection services5. Internal Audits for ISO 27001(ISMS), ISO 20000 (ITSM), ISO 14001 (EMS), ISO 9001

(QMS) Audits.6. IS Audit for Certifying Authorities / Registration Authorities as per IT Act, 2000.7. IS Audit for CTCL / Internet Banking of NSE Members / IML Audit for BSE Members.8. IS Audit of CBS / TBA / ALPM Branches of the Banks including migration Audits.9. IS Audits / IT Security Audits for Applications / Data Centers /DR Sites / Data

Migration Audits / Network Security Audits including ERP implementations.10. IS Audits/Information Security Audit for Data Centers / other organizations including

Post Migration Audits & CBS Package Training.11. Sarbanes Oxley (SOX) Act Audit.12. SAS 70 Audit / HIPPA Audit.13. Software / Package Audit / Testing.

2


IT CONSULTANCY

1. Man Power Support and Man Power Provision Services.2. Certifying Authority (CA) / Registration Authority (RA) setting up of Office -

Consultancy and Audits.3. Computerization of the Banks under TBA / Core Banking Solution. 4. Consultancy and Certification for TIA- 942 implementation.5. Critical review of Web Site design including security issues6. Developing IT Security Apex level policy, IT Sub-policies like Network Policy, Backup

Policy, Password Policy, Email Policy, Firewall & Router Policies, Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) etc.

7. Evaluation and implementation of RTGS in Banks.8. Forensic and fraud detection services.9. Incidence Response Management Solution.10. ISO / IES 20000-1:2005 - Information Technology Service Management (ITSM)

Standards Implementation / Audit.11. ISO 14001:2004 - Environmental Management System (EMS) Standards Implementation

/ Audit.12. ISO 27001- Information Security Management System (ISMS) Standards Implementation

/ Audit.13. ISO 9001:2008 - Quality Management System Standard (QMS) Implementation / Audit.14. Log reviews using CAAT tools.15. Services for Selection, Technical Evaluation and Commercial Evaluation of Vendors for

TBA Package scalable to Core Banking Solution / CBS Application including drafting of SLAs, Agreements, engagement letters etc.

16. Setting up of Data Centre and Disaster Recovery Site.

INDUSTRIAL & MANAGEMENT CONSULTANCY

1. Business Process Excellence & BPR2. Corporate Laws, Secretarial matters and Corporate Governance3. Industrial Mergers Amalgamation, Project Management & Loan Syndication 4. Tax Management – Direct & Indirect Taxes

IT BPO ACTIVITIES

1. Any Time Payment Machines (ATPs) / KIOSKs for 24 Hours payment of electricity bills for BESCOM/ HESCOM / Municipal Corporation/ Water Board etc. Also includes other utility payments like water Bill, Tax payment, telephone and mobile bills payment etc.

2. Manpower support for Internal Audits and BPO activities. 3. Scanning and documentation.

3


TRAINING

1. CEH, CHFI, ECSA, LPT, ECSP, ECIH, ECDR, ECVT2. CISA, CISSP, CISM, CSQA 3. IT Security Corporate Programs like ITIL, CEH, Software Testing etc.4. ICWA, ACS, ACA 5. Soft skills like Personality Development, Stress Management, Time Management,

Leadership Skills & Public Speaking.6. Training in IS Audits & IT Security.7. Training on Internal Audits which covers wide range of activities like finance, systems,

HR, Stock, processes, purchase, marketing activities with a special emphasis on improving the skills of internal auditors, collecting evidences, sampling, interview and presentation techniques.

8. Corporate Customized Trainings.

SERVICES TO THE BANKING SECTOR

A. CONSULTANCY :

Empanelled as IT CONSULTANTS for the year 2008-09 by the Karnataka State Co-operative Apex Bank Ltd., H.O., Bangalore for computerization of the Bank under TBA / Core Banking Solution.

- Provided Consultancy services for Selection, Technical Evaluation and Commercial Evaluation of Vendors for TBA Package scalable to Core Banking Solution.

Empanelled as IT CONSULTANTS for the year 2008-09 by the Karnataka State Co-operative Apex Bank Ltd., H.O., Bangalore for implementation of RTGS.

Empanelled as IT CONSULTANTS for the year 2009-10 by the Bangalore, Bangalore Rural & Ramanagara District Co-operative Central Bank Ltd., H.O., Bangalore for Computerization of Bank under TBA/ Core Banking Solution.

- Provided Consultancy services for Selection, Technical Evaluation and Commercial Evaluation of Vendors for TBA Package scalable to Core Banking Solution.

Provided Consultancy services for Drafting and vetting of purchase order and SLA and NDA agreement.

Provided Consultancy services for IT strategy, Core Banking Solution, Selection of

Vendors for a leading Bank in Ethopia during the year 2008.

4


B. IS AUDITING :

Conducted Core Banking Data Centre Audit, Disaster Recovery Site Audit, Internet Banking Audit, IS Audit of ATM / Debit card Operation, Vulnerability Assessment (VA) and Penetration Testing (PT) of Network of Indian Overseas Bank, Head Office, Chennai.

Conducted Core Banking Data Centre Audit and Disaster Recovery Site Audit and Vulnerability Assessment (VA) and Penetration Testing (PT) of networks of the Dhanalakshmi Bank Ltd., Thrissur.

Concurrent IS Auditors for Karnataka Bank Ltd., Core Banking Data Centre, Bangalore and Core Banking DR Site, Mangalore during the period April, 2005 to June, 2007 and also from January, 2009 onwards.

Provided IS Audit of TBA Package – “Bancmate” application and Migration audit during the year 2008-09 for Chikmagalur-Kodagu Grameena Bank, Chikmagalur, an unit Sponsored by Corporation Bank.

Provided IS Audit of Bank Software – “Banksree” implementation audit during the year 2008 for Andhra Pradesh Grameen Vikas Bank , H.O. Warangal, an unit sponsored by State Bank of India.

Conducted RA Audits for State Bank of India, LHO, Bangalore, State Bank of India, LHO, Chandigarh, State Bank of India, LHO, Chennai, State Bank of India, LHO, Hyderabad, State Bank of India, LHO, New Delhi, State Bank of India, LHO, Thiruvananthapuram, State Bank of India, Payment Systems Group(PSG), Mumbai, State Bank of India, LHO, Ahmadabad, State Bank of India, LHO, Kolkata, State Bank of India, LHO, Bhubaneshwar.

Conducted RA Audits of Associate Banks of SBI for State Bank of Bikaner & Jaipur, State Bank of Hyderabad, State Bank of Patiala, State Bank of Travancore, Thiruvananthapuram, State Bank of Indore.

Tamilnad Mercantile Bank Ltd. - IT Security Audit of Data Centre, Disaster Recovery Centre, Treasury Department, International Banking Division, RTGS Centre and HUB Centers.

SERVICES TO THE GOVERNMENT

Empanelled as IT SECURITY AUDITORS by CERT-In, Ministry of Communications & Information Technology, Department of Information Technology, Government of India, New Delhi.

5


Empanelled as IT SECURITY AUDITORS by the Controller of Certifying Authorities (CCA), Ministry of Communications & Information Technology, Department of Information Technology, Government of India, New Delhi.

Indian Navy, Western Naval Command - MAN, Mumbai, Ministry of Defence, Government of India – IT Security Audit and Vulnerability Assessment (VA) and Penetration Testing (PT) of huge network.

Indian Air Force, Ministry of Defence, Government of India on behalf of ECIL, Hyderabad, Consultancy support for setting up of Certifying Authority (CA) Office, RA Offices for 2010-11, 2011-12 and 2012-13.

IT Security Auditors for IDRBT Certifying Authority (CA) as per IT Act, 2000 from 2007-08 till date. Also Internal Auditors for half-yearly audits during 2007- to 2009.

IT Security Auditors for Reserve Bank of India (RBI), Registration Authority (RA) as per IT Act, 2000 for the year 2008 covering all RA Offices across the Country.

MMTC Ltd. New Delhi – SECURITY AUDIT of Corporate Website www.mmtclimited.com covering Risk Profiling & Design Review, Application Code Review, Web/application Server Security Assessment including patches and updates, detailed configuration review & auditing and logging module review, Database Security Assessment, Application Security Assessment including application walkthrough, Deployment architecture Review, Process: User & change management, backup process etc.

Naval Institute of Aeronautical Technology (NIAT), Government of Kerala, Kochi Vulnerability Assessment and Penetration Testing for NIAT during 2009-10.

IT Consultant for Karnataka State Horticulture Department, services to the Government.

Haryana State Electronics Development Corporation Ltd., Haryana State Government Undertaking – Security Audit of ‘SAARANSH’ Software.

Website Audits “Single Table Clearance System” of Udyog Bandhu, Government of U.P.

NTPC Limited, Government of India – Conducted Security Audit of LAN at Rajiv Gandhi Combined Cycle Power Project, Kerala during 2010-11.

Transmission Corporation of Andhra Pradesh Ltd. (APTRANSCO) Government of Andhra Pradesh undertaking - Fixing/ Rectifying the problems identified during the security assessment examined and penetration tests conducted on different networks with different applications of APTRANSCO.

6


Transmission Corporation of Andhra Pradesh Ltd. (APTRANSCO) - Formulation of SOPs (Standard Operating Procedures) for the Network systems, Servers, Networks with different components, Operating systems, Databases and Disaster Recovery etc. on different networks with different applications of APTRANSCO.

SERVICES TO CORPORATE SECTOR

Consultancy services for 3i Infotech Ltd. in connection for setting up of the Certifying Authority (CA) Infrastructure / Data Centre/ Disaster Recovery Site/ Technology / Certifications / Documentation / Processes and licensing as per the norms prescribed by the Controller of Certifying Authority (CCA), Ministry of Information Technology, Government of India.

Full-time IT CONSULTANTS since 2005 till March, 2009 for Bangalore Stock Exchange Ltd. and BgSE Financials Ltd. Also Systems Auditors for annual IS Audit of Bangalore Stock Exchange as per the requirements of SEBI.

IS Audit and Review of Business Continuity Plan for ING Life Insurance Pvt. Ltd.

Conducted SAM Audit for Serve All Enterprise Solutions Ltd., MNC, Division of Computech Corporation, USA – Software Deployment Identification & SAM Process Validation, Software Reconciliation, Software Compliance GAP Analysis (Actual Licensing Position), SAM Current State Assessment and SAM Best Practice Recommendations.

OCWEN Financial Solutions Pvt. Ltd., MNC – Internal Control IT Security Audit as per the requirements of Sarbanes’ Oxley Act (SOX).

Semler Research Center Pvt. Ltd. Bangalore - Implementation of ISO 27001:2005 ISMS Standard and conducted Vulnerability Assessment(VA) and Penetration Testing(PT) during 2010-11.

Gem Sugars Ltd. Implementation of ISO 9001:2000 Quality Management System (QMS) Standard and ISO 14001 Environmental Management System (EMS) Standard at sugar and power manufacturing plant at Kundargi and also at Corporate Office, Bangalore.

KEY PERSONNEL

1 Shri Dinesh S Shastri CISA, CISM, CEH, CHFI, CSQA,CAIIB, ISO 9001, ISO 14001, ISO 20000 and ISO 27001, Certified Lead Auditors, Professional and served in Bank for more than two decades.Experienced Quality Management System (QMS) and IS Security Professional and ex-banker with experience over two decades.

7


He is Past President of ISACA, (Till now known as Information Systems Audit & Control Association), Bangalore India Chapter (2003-04 and 2004-05). During his tenure the Bangalore Chapter received Several Awards like Best Chapter in Asia (2004), Best Newsletter Global Award (2004), Best Website Gold Level Global Award (2004). He is Program Director for 3 days intensive training programs on COBIT & BS7799 IT Security for C & A G, Government of India. He is also Programme Director for 4 days IS Audit Training Programmes conducted by the Company.

He is a Lead Auditor for Certifying the Companies for ISO 9001, ISO27001 (previously called BS7799) ISMS Standards for NQA, a UK based Certifying Body having Indian Headquarters at Bangalore.

He is regular faculty for Information Technology Act, 2000 for training programmes of C & A G and all training programmes of the Company.

Other than IS Audits of various Banks, he has completed many assignments some of which are:

ISO 9001 & ISO 14001 implementation for Gem Sugars Ltd., Sugar and Electricity manufacturing company having factory at Kundargi and HO at Cunnigham Road, Bangalore.

ISO 9001 Auditor / Consultants for various organizations like Manappuram Group of Industries, Cambridge Ltd., State Bank of Travancore, PKN Polymers Pvt. Ltd., Cauvery Engineering etc.

ISO 27001(BS 7799 )– Gap Analysis, Risk Mitigation Plan, Vulnerability Assessment for the world’s largest media organization, viz. Times of India Group, Mumbai in April and May, 2004

ISO 27001 (BS 7799) Lead Auditor of NQA –ISO27001 (BS7799) Certification Body. ISO27001 (BS7799) Security Training to Senior Audit Officers of the Comptroller

Auditor General of India(C & A G)

2. Y U Rao., ME, Experienced Administrator has more than three decades of experience in Government sector in various capacities.

3. Shri Chandrasekharaiah T . G., CISA, ACA, SAP Consultant, experienced IS Auditor. His specialization is in implementation of ERP Packages particularly SAP.

4. Shri P. L. N. Sarma, CISA, CeISB, CAIIB, LLB, AICWA - Senior IS Auditor and Ex Banker having experience of more than 3 decades.

5. Shri K S Sesha Prakash CISA, CAIIB, CISSP, ISO 27001 Lead Auditor, BCCS, Diploma in Computers, with experience of more than 26 years in IT Department of ING Vysya Bank Ltd.

SPECIAL ADVISORS

Shri R N Guptha, Chartered Accountant with more than 2 decades management experience.

8


Shri Rajgopal Tholpadi, CISA, CSQA, PMP, IT Quality & CMM Expert having more than 25 years of experience in banking and IT industry.

PRESENCE OF OFFICE - LOCATIONS AND BRANCH OFFICE HEADS:

HUBLI : Shri Yogesh Shastri – IS Auditor

HYDERABAD : Shri P. L. N. Sarma – Experienced Ex- Banker and senior IS Auditor

MANGALORE : Smt. A Veena – Experienced Administrator

MUMBAI : Smt. Geetha U S – Experienced Administrator & Branch Head

MYSORE : Shri Y Umesha Rao – Managing Director

INDORE & UJJAIN : Shri Srinivasa Reddy – Branch Manager

RECOGNITION OF DIGITAL AGE:

Empanelled as IT SECURITY AUDITORS by CERT-In, Ministry of Communications & Information Technology, Department of Information Technology, Government of India, New Delhi for full scope IT Security Audit.

Empanelled as IT SECURITY AUDITORS by the Controller of Certifying Authorities (CCA), Ministry of Communications & Information Technology, Department of Information Technology, Government of India, New Delhi.

Implemented Project of Business Continuity Plan of ING Life Insurance Company Ltd. for M/s Vinciti Networks Pvt. Ltd., AQ, E4E Labs House, Hosur Road, Bangalore.

IS Auditors for Corporation Bank, Disaster Recovery Site of Data Centre, Mangalore.

Annual IT Security Auditors for IDRBT Certifying Authority (CA) as per IT Act, 2000 for the years 2007 and 2008. Also Internal Auditors for half-yearly audits.

Consultancy services for 3i Infotech Ltd. in connection for setting up of the Certifying Authority (CA) Infrastructure / Data Centre/ Disaster Recovery Site/ Technology / Certifications / Documentation / Processes and licensing as per the norms prescribed by the Controller of Certifying Authority (CCA), Ministry of Information Technology, Government of India.

Internal CA Auditors for e-mudhra Certifying Authority.

Way 2 Wealth Brokers Pvt. Ltd., Bangalore - conducted detailed Vulnerability Assessment and Penetration Testing of the huge Network spread across India.

9


Annual IT Security Auditors for Reserve Bank of India (RBI), Registration Authority (RA) as per IT Act, 2000 for the year 2008 covering all RA Offices across the Country.

Concurrent IS Auditors for Karnataka Bank Ltd., Core Banking Data Centre, Bangalore and Core Banking DR Site, Mangalore during the period April, 2005 to June, 2007 and also from January, 2009 onwards.

Tamilnad Mercantile Bank Ltd. - IT Security Audit of Data Centre, Disaster Recovery Centre, Treasury Department, International Banking Division, RTGS Centre and HUB Centers.

Empanelled as IT CONSULTANTS for the year 2006-07 by Syndicate Bank, Corporate Office, Bangalore.

Full-time IT CONSULTANTS since 2005 for Bangalore Stock Exchange Ltd. and BgSE Financials Ltd. Also Systems Auditors for annual IS Audit of Bangalore Stock Exchange as per the requirements of SEBI.

IT Consultant for Karnataka State Horticulture Department, Government of Karnataka.

Security Audit of software “SAARANSH” of Haryana State Electronics Development Corporation Ltd., Government of Haryana, Application Audit of “Banksri” TBA Package for Andhra Pradesh Gramin Vikas Bank, “Bankmate” TBA Package for Chickmaglur Kodugu Gramin Bank, “Banking Wizard” TBA Package of Antares Systems Ltd., “Banksoft” Audit of TBA Package of Processware Systems Pvt. Ltd., Audit of “e- Bank” TBA Package of Internet Systems Ltd., Audit of “e-factoring” package of Canabank Factors Ltd., Audit of IBAR in-house developed package of Vijaya Bank, Treasury Package Audit of Vijaya Bank etc.

Data Centre Disaster Recovery Site Auditors for Corporation Bank, Mangalore.

IT CONSULTANTS for the year 2009-10 for computerization of the Banks under TBA / Core. Developed, released RFP and advertisement, evaluation of technical and commercial proposals for various DCC Banks like The Bangalore, Bangalore Rural & Ramanagara District Co-operative Central Bank Ltd., H.O., Bangalore, The Karnataka State Co-operative Apex Bank Ltd., H.O., Bangalore etc.

BPO SERVICE PARTNERS:

1. DIGITAL AGE is a Strategic Partner Accel Transmatic Ltd.(ATL) for BPO Services like providing Any Time Payment Machines (KIOSKS) to utility companies like BESCOM and HESCOM.

10


PARTIAL LIST OF SOME OF OUR CLIENTS:

SOME OF OUR CLIENTS

3i Infotech Ltd. engagement for providing Consultancy Services in connection with setting up of the Certifying Authority (CA) Infrastructure / Technology / Certifications / Documentation / Processes and licensing as per the norms prescribed by the Controller of Certifying Authority (CCA), Ministry of Information Technology, Government of India.

3i Infotech Ltd. TIA/EIA-942 Data Centre Standard - Compliance Audit of Data Centre, Chennai.

- ISO 20000-1:2005 Information Technology Service Management (ITSM) Internal Audit.

A Venkatram & Co, Chartered Accountants – Associates for Application Software Audit.

Andhra Pradesh Grameena Vikas Bank (APGVB) – a Bank sponsored by State Bank of India - IS Audit of TBA Application Package, Viz., “BankSri”.

Antrix Corporation Limited, Bangalore (A Government of India Company under Department of Space) – Vulnerability Assessment & Penetration Testing (Security Audit) of APFMIS Package.

Antares Systems Ltd., - Audit of “Banking Wizard” Total Banking Automation Package with web enabled features of Core Banking System (CBS).

Allahabad Bank., RA, Kolkata - IS Audit of Registration Authority for the year 2009-10.

Aruba Networks Pvt. Ltd., - Supply of hardware.

Axis Bank (Formerly UTI Bank) Ltd., Mumbai - IS Audit of Registration Authority for the year 2008-09 and 2009-10.

Bangalore Stock Exchange Ltd. annual Systems Auditors for doing the IS Audit as per the requirements of SEBI.

BgSE Financials Ltd. (subsidiary of Bangalore Stock Exchange Ltd.) IT Implementation & IT Governance Consultants & Retainers.

- NSE - CTCL IS Audits for the year from 2005-06 to 2009-10.- BSE - IML IS Audits for the year from 2005-06 to 2009-10.

11


Bank of America, Nariman Point, Mumbai – Audit of Registration Authority for the year 2008-09.

Bank of Baroda, Department of Information Technology, Corporate Office, Mumbai – Audit of Registration Authority for the year 2008-09 and 2009-10.

Bank of Baroda, Zonal Inspection Centre, Chennai – IS Audit of Siddaiah Road Branch, Bangalore.

Bajaj Allianz General Insurance Company Ltd., Pune, Member of Motor Pool, General Insurance Corporation of India (Government of India undertaking) - IT System Security Audit for the year 2009-10 & 2010-11.

BESCOM –Bangalore Electricity Supply Co. Ltd. – KIOSK - Any Time Payment (ATP) Machines Providers - BPO Services on Build, Own, Operate (BOO) Basis.

B K Ramadhyani and Company, a leading firm of Chartered Accountants as their business partner for all their IS Audit assignments – Some of the assignments -Toyota Kirloskar Motors Pvt. Ltd.- Information Systems Audit of IT Department including SOX Audit, Kirloskar Toyota Textile Machinery Pvt. Ltd. - Information Systems Audit of IT Department, Toyota Kirloskar Auto Parts Pvt. Ltd. - Information Systems Audit of IT Department for the year 2007-08, 2008-09 and 2009-10.

Canara Bank, Department of Information Technology, Head Office, Bangalore – IS Audit of Registration Authority for the year 2007-08, 2008-09 and 2009-10.

Canbank Computer Services Ltd., ISO 9001 Consultancy, IT Security Implementation & BS7799 Training.

Catholic Syrian Bank Ltd., H O, Trissur – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

Cauvery Nirvari Nigam Ltd, Website development and maintenance.

Central Bank of India, Head Office, Mumbai – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

Chickmaglur Kodagu Gramin Bank (Chicko Bank), a Bank sponsored by Corporation Bank - IS Audit of TBA Application Package and IS Audit of TBA Branches.

COFFEE BOARD, Bangalore, Government of India, Documents Management services.

Comptroller & Auditor General of India, Government of India, Regional Training Center, Bangalore – Training in IS Audit / IT Security to the Senior Auditors of Government of India –ISO 27001(BS7799) - Training to Senior Audit Officers of the Comptroller Auditor General of India (C & A G).

12


Controller of the Certifying Authorities, Ministry of Communications & Information Technology, Government of India, New Delhi – Conducted by IDRBT, CA, IT Security Audits as per the order of CCA and reports submitted to the CCA.

Corporation Bank – IS Audits for Data Centre Disaster Recovery Site, Mangalore for the year 2007-08, IS Auditors for Branches, IS Audit of Registration Authority for 2007-08, 2008-09 & 2009-10.

Datacon India Pvt. Ltd., MNC - Sarbanes’ Oxley Act (SOX) Audit Manpower provision.

Deposit Insurance and Credit Guarantee Corporation, (DICGC) H.O., Mumbai – Audit of Registration Authority.

Dhanalakshmi Bank Ltd., H. O., Thrisshur – IS Auditors for the Data Center Audit & Disaster Recovery Site for the year 2009-10.

– Audit of Registration Authority for the year 2008-09 & 2009-10.

– Vulnerability Assessment (VA) and Penetration Testing (PT) of Network.

Directorate of Town Panchayats, Kurlagam, Chennai - Vulnerability Assessment and Penetration Testing (Security Audit) for Identity management system to BPL members in Town Panchayats of Sivagangai Office.

EASi Technologies Pvt. Ltd., 100 % EOU – Technical Evaluation of their Application Package “EASit” and Certification.

Ekgaon Technologies Pvt. Ltd. – IS Audit of OneMIS Version 1.1 Core Banking Solution (CBS) Package Audit during 2010-11.

E-Mudhra Certifying Authority(SA) External CA Audit for 2009-10 including DR Site Audit and RA Audit of RA Offices.

Federal Bank Ltd., R. O., Aluva - Audit of Registration Authority (RA) as per Information Technology Act, 2000 for the year 2009-10.

First Million Technologies Pvt. Ltd., Bangalore – System Audit and Due Diligence Certificate for Software and Hardware requirements.

Galax E-Solutions India Pvt. Ltd. - MNC with Head Quarters in U.S. – Implementation of ISO 27001(BS 7799) and HIPPA Standards and Vulnerability Assessment (VA) and Penetration Testing (PT).

Gem Sugars Ltd. Implementation of ISO 9001:2000 Quality Management System (QMS) Standard and ISO 14001 Environmental Management System (EMS) Standard at sugar and power manufacturing plant at Kundargi and also at Corporate Office, Bangalore.

13


Government of Goa, Department of Information Technology – Black Box Penetration Testing of 13 IP Addresses of IT Department during 2010-11.

Government of National Capital Territory of Delhi – Security Audit of Website and Vulnerability Assessment & Penetration Testing of office of financial commissioner, Delhi, GNCTD.

Government of NCT of Delhi – Security Audit of Website running under DHS (HQ) and Vulnerability Assessment & Penetration Testing of office of Directorate of Health Services, Delhi.

Haryana State Electronics Development Corporation Ltd., Haryana State Government Undertaking – Security Audit of ‘SAARANSH’ Software.

HDFC Bank Ltd., RA, Mumbai – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

HESCOM –Hubli Electricity Supply Co. Ltd. – KIOSK - Any Time Payment (ATP) Machines Providers - BPO Services on Build, Own, Operate (BOO) Basis.

Indian Air Force, Ministry of Defence, Government of India on behalf of ECIL, Hyderabad, Consultancy support for setting up of Certifying Authority (CA) Office, RA Offices for 2010-11, 2011-12 and 2012-13.

Indian Bank, Head Office, Chennai – IS Audit of Registration Authority for the year 2007-08 and 2009-10.

Indian Naval Academy, Kannur, Kerala - Conducted the Security Audit of Website of Indian Naval Academy as per the requirements of NIC during 2010-11.

Indian Overseas Bank, Head Office, Chennai – Information Systems Audit of Internet Banking.– Information Systems Audit of Data Centre & Disaster Recovery Site.– Information Systems Audit of ATM / Debit card Operation.– Vulnerability Assessment (VA) and Penetration Testing (PT) of Network.

ING Vysa Life Insurance Pvt. Ltd. With Vinciti Networks Pvt. Ltd. Bangalore – Business Continuity Plan (BCP) Project.

Innova Securities & Investments Ltd. – Implementation support for Information Security Policy, BCP/DRP Policy, Other IT Policies / Procedures, Internal IS Audit Policy / Guidelines, Internal IS Audit Checklist to enable internal audit for quarterly audits.

- NSE - CTCL IS Audits for the year from 2006-07 to 2009-10.

14


Institute for Development and Research in Banking Technology (IDRBT), Certifying Authority, Hyderabad –IT Security Audit for the year from 2007-08 to 2009-10 for their IT Operations in Hyderabad and Disaster Recovery Site at Mumbai.

Internet Systems Pvt. Ltd. – Software Audit of Total Banking Application (TBA) Software, “e-Banking” Software.

ISCKON TEMPLE – Documents Management services.

Karnataka Bank Ltd. – Concurrent IS Auditors for the Data Center Audit, Audit of IT Security implementation, Internet Banking Infrastructure Audit and Network Security Audits from 1st January, 2009 and also previously from April, 2005 to June, 2007. Also IS Audit of Data Centre for compliance to Internet Banking Infrastructure requirements as per the RBI norms.

- Registration Authority (RA) Audit for Karnataka Bank Ltd., R.A. for 2007-08, 2008-09 2009-10 and 2010-11.

Karnataka Infotech Consultancy Services, Belgaum - Evaluation of centralized Budgetary System Package – Ver. 01 based on Fund Based Accounting System (FBAS).

Karnataka State Horticulture Department, Government of Karnataka - IT Consultants for their Software Development and Website Development.

Karur Vysya Bank Ltd., Information Technology Department, Central Office, Karur - Audit of Registration Authority (RA) as per Information Technology Act, 2000 for the year 2009-10.

Mahanagar Telephone Nigam Ltd., (MTNL), a Government of India Enterprise – Conducted full Compliance Audit of MTNL Certifying Authority (CA) at Mumbai (Main Site) and Delhi (DR) Sites and Physical RAs at Mumbai and Delhi.

Manian & Rao, Chartered Accountants - IS Audit Associates. Completed IS Audits of Regional Offices and Branches of PNB, preparation of IS Audit Manual for BEML etc.

MMTC Ltd. New Delhi, a Government of India Enterprise – SECURITY AUDIT of Corporate Website www.mmtclimited.com covering Risk Profiling & Design Review, Application Code Review, Web/application Server Security Assessment including patches and updates, detailed configuration review & auditing and logging module review, Database Security Assessment, Application Security Assessment including application walkthrough, Deployment architecture Review, Process: User & change management, backup process etc.

15


MPPKVVCL –Madhya Pradesh Paschim Keshtra Vidyut Vitarana Co. Ltd. – KIOSK - Any Time Bill Payment (ATBP) Machines Providers - BPO Services on Build, Own, Operate (BOO) Basis.

National Environmental Engineering Research Institute (NEERI), Council for Scientific and Industrial Research – Conducted onsite Web Security Audit of NEERI Website during 2010-11.

Newgen Software Technologies Ltd. - Documents Management services.

NQA - A Certification Body for BS7799 - Lead Auditors BS7799 Information Security Management System(ISMS).

Naval Institute of Aeronautical Technology (NIAT), Government of India, Kochi Vulnerability Assessment and Penetration Testing for NIAT during 2009-10.

NTPC Limited, Government of India – Conducted Security Audit of LAN at Rajiv Gandhi Combined Cycle Power Project, Kerala during 2010-11.

O3 Securities Pvt. Ltd., Bangalore – IS Auditors for NSE - CTCL IS Audits for the year 2010-2011 and BSE - IML IS Audits for the year 2010-11.

OCWEN Financial Solutions Pvt. Ltd., MNC – Internal Control IT Security Audit as per the requirements of Sarbanes’ Oxley Act (SOX).

Oriental Insurance Company Ltd., Delhi and Chennai, Member of Motor Pool, General Insurance Corporation of India (Government of India undertaking) - IT System Security Audit for the year 2009-10 & 2010-11.

Processware Systems Pvt. Ltd., Bangalore – Audit of “Banksoft” Total Banking Application (TBA) Software Audit.

- IS Audit of “Banksoft” Core Banking Solution Package Audit.

Punjab National Bank, Department of Information Technology, Head Office, New Delhi - Audit of Registration Authority (RA) as per Information Technology Act, 2000 for the year 2007-08.

Raju & Prasad and Co. – Preliminary Review of Application Packages for KSRTC, Corporate Office, Bangalore.

Ramco Systems Ltd., – The Times of India Group, Mumbai - IT Security Audit, BS7799 (Now ISO 27001) IT Security Standards, GAP analysis & Vulnerability Assessment.

Reserve Bank Employees’ Co-operative Bank Ltd., Bangalore - IS Audits for 2006-07, 2008-09.

16


Reserve Bank of India – IS Audit of all RA Offices across the Country for the year 2008-09.

Semler Research Center Pvt. Ltd. Bangalore - Implementation of ISO 27001:2005 ISMS Standard and conducted Vulnerability Assessment(VA) and Penetration Testing(PT) during 2010-11.

Serve All Enterprise Solutions Ltd., MNC, Division of Computech Corporation, USA – Conducted Software Asset Management Audit covering Microsoft and Abode, Software Deployment Identification & SAM Process Validation, Software Reconciliation, Software Compliance GAP Analysis (Actual Licensing Position), SAM Current State Assessment and SAM Best Practice Recommendations.

Shriram General Insurance Company Ltd., Jaipur, Member of Motor Pool, General Insurance Corporation of India (Government of India undertaking) - IT System Security Audit for the year 2009-10 & 2010-11.

Sri Channabasavaswamy Souhardha Pattana Sahakari Bank Ni., Gangavati – Cyber Crime / Fraud Investigation and Information Security Audit of the Bank Branch.

Sri Lakshminarayana Co-Operative Bank Ltd., Head Office, Bangalore – IS Audit of Branches for the year 2009-10.

State Bank of Bikaner & Jaipur – IS Audit of Registration Authority Offices at Jaipur and Kolkata for the year 2008-09.

State Bank of Hyderabad – Department of Information Technology, Head Office, Hyderabad – IS Audit of Registration Authority for the year 2008-09.

State Bank of India, Chief RA Office, State Bank Global IT Centre, IT - Payment Systems Group, CBD Belapur, Navi Mumbai – IS Audit of Chief Registration Authority for the year 2008-09 and 2009-10.

State Bank of India, Local Head Office, Ahmadabad – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

State Bank of India, Local Head Office, Bangalore – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

State Bank of India, Local Head Office, Bhubaneswar – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

State Bank of India, Local Head Office, Chandigarh – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

17


State Bank of India, Local Head Office, Chennai – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

State Bank of India, Local Head Office, Guwahati – IS Audit of Registration Authority for the year 2009-10.

State Bank of India, Local Head Office, Hyderabad – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

State Bank of India, Local Head Office, New Delhi – IS Audit of Registration Authority for the year 2008-09, 2009-10 and 2010-11.

State Bank of India, Local Head Office, Thiruvananthapuram – IS Audit of Registration Authority for the year 2007-08 and 2009-10.

State Bank of Indore, Head Office, Indore – IS Audit of Registration Authority for the year 2007-08, 2008-09 and 2009-10.

State Bank of India, Local Head Office, Kolkata – IS Audit of Registration Authority for the year 2008-09 and 2009-10.

State Bank of India, Local Head Office, Patna – IS Audit of Registration Authority for the year 2009-10.

State Bank of Mysore, Head Office, Bangalore – IS Audit of Registration Authority for the year 2009-10.

State Bank of Patiala, Head Office, Patiala – IS Audit of Registration Authority for the year 2008-09 & 2009-10.

State Bank of Travancore, Head Office, Thiruvananthapuram – IS Audit of Registration Authority for the year 2008-09.

Syndicate Bank – Information Technology Consultants for the year 2006-07 - Reviewing IT Implementation, involving in Technical and commercial evaluation of Tenders and also the auditors for Registration Authority (RA) for the year 2008-09.

Sysfocon Services Pvt. Ltd., Consultancy on Technical Infrastructure, Core Banking Software Implementation Consultancy, IT Strategic Plan, Security Policy, IS Audit Manual, BCP/DRP for Bank of Abyssinia, Ethopia.

Tamilnad Mercantile Bank Ltd., - IT Security Audit of IT Department covering various applications, Core Banking Data Centre, Core Banking Disaster Recovery Centre, Treasury Department, ATM, International Banking Division, RTGS Centre and HUB Centers for the year 2007-08 & 2009-10.

18


-Training in IS Audit for the IS Auditors of the Bank for the year 2008-09, 2009-10 and 2010 -11.

- Registration Authority (RA) Audit for Tamilnad Mercantile Bank Ltd., R.A for the year 2008-09 and 2009 - 10 as per Information Technology Act, 2000.

Technology Information, Forecasting And Assessment Council (TIFAC), Department of Science & Technology, Government of India, Delhi – Conducted Security Audit of four Websites during 2010 – 2011.

Transmission Corporation of Andhra Pradesh Ltd. (APTRANSCO) Government of Andhra Pradesh undertaking - Fixing/ Rectifying the problems identified during the security assessment examined and penetration tests conducted on different networks with different applications of APTRANSCO.

Transmission Corporation of Andhra Pradesh Ltd. (APTRANSCO) - Formulation of SOPs (Standard Operating Procedures) for the Network systems, Servers, Networks with different components, Operating systems, Databases and Disaster Recovery etc. on different networks with different applications of APTRANSCO.

Transworld International, Bangalore - Vulnerability Assessment (VA) and Penetration Testing (PT) of Network. The Bangalore, Bangalore Rural & Ramanagara District Co-operative Central Bank Ltd.,

H.O., Bangalore Empanelled as IT CONSULTANTS for the year 2009-10 for computerization of the Bank under TBA / Core. Developed and released RFP and advertisement.

-Consultancy support for Bank Computerization and implementation of TBA package for The Bangalore, Bangalore Rural & Ramanagara District Co-operative Central Bank Ltd. during 2009-10.

The Karnataka State Co-operative Apex Bank Ltd., H.O., Bangalore Empanelled as IT CONSULTANTS for the years 2008-09 and 2009-10 for evaluation of bids for TBA/Core Banking computerization of the Bank.

-The Karnataka State Co-operative Apex Bank Ltd., H.O., Bangalore, Consultants for evaluation and implementation of RTGS for the year 2008-2009.

- The Karnataka State Co-operative Apex Bank Ltd., H.O., Bangalore, Consultants for drafting/vetting of SLA under the implementation of computerization of the Bank.

-Consultancy on implementation of TBA package in 31 Branches.

19


- The Karnataka State Co-operative Apex Bank Ltd., H.O., Bangalore, Evaluation of implementation of RTGS System as per the SLA agreement.

The South Indian Bank Ltd., Department of Inforamtion & Communication Technology Kochi – conducted the ITMS (Integrated Treasury Management System) Audit for the year 2009-10.

The South Indian Bank Ltd., Department of Information Technology, Head Office, Trisshur – Audit of Registration Authority for the year 2008-09 and 2009-10.

Tranquil Solutions Pvt. Ltd. – IS Audits of “Info-track” and “Zip-drive” Mini ERP packages on Car Dealership Management and Car Rentals.

Udyog Bandhu, Government of U.P - IT Security Audit of their Website - “Single Table Clearance System”.

Union Bank of India – Post Migration Audit of CBS Branches.

United India General Insurance Company Ltd., Chennai, Member of Motor Pool, General Insurance Corporation of India (Government of India undertaking) - IT System Security Audit for the year 2009-10 & 2010-11.

Vijaya Bank, Department of Information Technology, Head Office, Bangalore - Audit of IBR Package 2007-2008, Audit of Treasury Department Packages and Programmes 2007-2008. Audit of Registration Authority (RA) as per Information Technology Act, 2000 for 2007-08, 2008-09, 2009-10 & 2010-11.

Vinciti Networks Pvt. Ltd., - IS Audit / Review of Business Continuity Planning (BCP) for ING Vysya Life Insurance Pvt. Ltd.

Way2Wealth Brokers Pvt. Ltd. – Implementation support for Information Security Policy, BCP/DRP Policy, Other IT Policies / Procedures, Internal IS Audit Policy / Guidelines, Internal IS Audit Checklist to enable internal audit for quarterly audits.

- NSE - CTCL IS Audits for the year from 2006-07 to 2010-11.- BSE - IML IS Audits for the year from 2006-07 to 2010-11.- MCX -Multi Commodity Exchange Audit for the year 2010-11.- Vulnerability Assessment (VA) and Penetration Testing (PT) of the huge Network

spread across India.

Western Naval Command -MAN, Mumbai, Indian Navy, Ministry of Defence, Government of India – IT Security Audit and Vulnerability Assessment (VA) and Penetration Testing (PT) of huge network.

20


Wissen Infotech Pvt. Ltd., Bangalore and Hyderabad, with offices in the U.S. – Implementation of ISO 27001(BS 7799) and Vulnerability Assessment(VA) and Penetration Testing(PT).

DIGITAL AGE – DIFFERENTIATORS:

1. We are team of seasoned Management, IT professionals & Ex-bankers.2. We have relevant project experience.3. Our team is qualified and dedicated.4. We have a proven track record.5. We have proven to be cost effective without compromising quality.

Thus we ensure the EEEs for your organization, Efficiency, Effectiveness and Economy.

We have comprehensive experience in:

Networking protocols, Vulnerability Assessment & Penetration Testing. Security protocols (network layer NLSP, transport layer TLSP & IPSEC, application layer SSL

& SHTTP), Operating systems (Solaris, Linux, Windows NT & 2000) Access Control techniques (At firewall, routers and switches) Authentication schemes (Biometrics, PAP, CHAP, dynamic ID, SSO) Attack detection (attack signatures, intrusion detection methods, forensic techniques) Packet crafting, scanning and sniffing techniques Cryptography (PKI, symmetric, Kerberos, SET, S/MIM)

Information Security & Audit Specialists for business with wisdom - growth with assurance

is an information security specialist Organization providing a host of information security services for Corporates in India. Our aim

21

Cross industry experience

The Consultants’ experience in varied areas like Banking, Finance, IT and BPO Sectors gives value addition to the services offered to the clients.

Technical The skill set and security knowledge of our team is at par with industry leaders, as borne by leading security certifications of our professionals.

Full suite of serviceWe provide our client’s with an easy interface for all their security requirements, from risk assessment to managing enterprise security and to skill upgradation.

Customized As a pure services company, we design a solution that are product neutral and tightly integrated with client’s requirements and is also cost effective.

Mature processesAs part of the forum on security, we develop processes for security implementation and management. Our project delivery process is highly advanced while retaining the maturity gained from extensive project experiences.


is to harness global technologies to deliver proven solutions for creating secure e-business environment. Our global expertise in applying diverse technologies and mature processes for implementation enable cost effective delivery of highly secure and trusted e-business solutions.

Customer AdvantageCustomer Advantage

We bring distinct advantages to our clients in the area of security:

Advantages Benefits

Service OfferingsService OfferingsWe provide a complete suite of Information Technology Security Solutions as under:

22

Services

Assessment Information Systems Audit/ Data Migration Audit, Security AuditEthical Hacking, VA & Pen-Testing

ProfessionalISO 27001/ 20000 ConsultancyIncident handlingForensic analysisIT Security Trainings

DesignSecurity policy designSecurity architecture design

ManagedFirewall managementIntrusion managementEnterprise security management

ImplementationFirewalls, VPNIDSServer Hardening


Skill SetSkill SetThe technical team comprises qualified security consultants full and part time with experience ranging from 3 to 18 years in the field of networking and security. The range of security/software quality certification of our team is at par with world standards:

23

CertificationsCEH / CHFI / ECSA / LPT / ECSP / ECIH / ECDR / ECVT

CISSP / CISA/ CISM

GIAC, SANS ISO 27001, 20000MCSE, MCP, OCP CCNA, CCNP