ITaaS Consulting

ITaaS Consulting LLP Overview

Services Offered

ITaaS Consulting offers consulting and training services for the following domains:

 IT Risk Management & ISO 27001 Consulting and Training

o SCOPE : Scoping an ISO 27001 project is a fundamental part of any certification
initiative. ITaaS helps to identify the business processes which are vital to client. This
will create a solid foundation for building an effective compliance strategy.
o POLICY DESIGN & REVIEW : Preparation of Information Security Management
System (ISMS) Manual, Policies & Procedures.
o RISK ASSESSMENT: ITaaS Consulting will help you evaluate the levels of information
security risk involved in the business processes. Consequently, a risk treatment plan
will be generated.
o GAP ANALYSIS: ITaaS Consulting will perform a comprehensive assessment of
existing security processes and compare them to those required by the ISO 27001
standard. A detailed report will then be generated, identifying the actions required
to attain compliance.
o IMPLEMENTING IMPROVEMENTS: ITaaS Consulting will rationalise the results of the
gap analysis and the risk assessment to develop a comprehensive Security
Improvement Programme. Our consultants will help you to implement the required
security improvements. Our extensive experience means that we are able provide
informed and practical solutions to issues that may arise in each area of the
Standard.
o SUPPORT DURING CERTIFICATION AUDIT: ITaaS Consulting can guide through the
process of gaining certification. We will assist with final preparations to your ISMS
and also act on your behalf when organising the audit progress. Many clients have
found our close involvement to be extremely advantageous during this decisive
stage of the process.
o SECURITY AWARENESS TRAINING
o INTERNAL AUDITOR TRAINING – Auditing is crucial to the success of any
management system. As a result, it carries with it heavy responsibilities, tough
challenges and complex problems. This three day course provides a solid foundation
in all aspects of the audit process. It will provide the internal audit team with the
skills to prepare for, perform, and report on process audits, empower them to lead
audits of information management systems, and is intended to benefit those
implementing or planning to implement ISO27001 within the organization.

 ISO 25999 - Business Continuity Management Consulting and Training

o ANALYSIS: ITaaS Consulting will perform business impact analysis (BIA), threat
analysis, and impact scenarios with the resulting BCP plan requirement
documentation.
o SOLUTION DESIGN: identify the most cost effective disaster recovery solution that
meets the RPO & RTO objectives.
o IMPLEMENTATION : Implementation of the design elements identified in the
solution design.
ITaaS Consulting

o TESTING AND ORGANIZATIONAL ACCEPTANCE : The purpose of testing is to achieve

organizational acceptance that the business continuity solution satisfies the
organization's recovery requirements. Plans may fail to meet expectations due to
insufficient or inaccurate recovery requirements, solution design flaws, or solution
implementation errors. Testing may include:
 Crisis command team call-out testing
 Technical swing test from primary to secondary work locations
 Technical swing test from secondary to primary work locations
 Application test
 Business process test
o MAINTENANCE : Maintenance of a BCP manual is broken down into three periodic
activities. The first activity is the confirmation of information in the manual, roll out
to ALL staff for awareness and specific training for individuals whose roles are
identified as critical in response and recovery. The second activity is the testing and
verification of technical solutions established for recovery operations. The third
activity is the testing and verification of documented organization recovery
procedures. A biannual or annual maintenance cycle is typical.

 COBIT 4.1 IT Governance & IT Strategy Consulting and Training

o IT Governance Maturity Assessment based on CobiT 4.1 Framework
o Consultancy on Controls & Practices to be implemented to achieve target maturity
o IT Governance Training
o Project Management

 ISO 20000 & ITIL v3 – IT Service Management Consulting and Training

o Consultancy on implementation of ITIL v3 processes
o Training on ITIL v3 Service Delivery & Support processes
o Project Management

 Cloud Computing - Consulting and Training

o Cloud Services Discovery & Roadmap Workshop
o Architecture Design
o Project Management
o Recommendation on Cloud Service Providers

ITaas Consulting has highly qualified consultants with vast experience & expertise to deliver above
services.

ITaaS Differentiators - Benefits to Client

The key benefits that will be accrued from working with ITaaS Consulting are as follow:

 BEST-IN-CLASS BENCHMARKING
We have been using for our consulting practice in IT Governance, Risk Management & IT Service
Management. Our clients will benefit by aligning with leading international standards & industry
best practices.- CobiT 4.1 (IT Governance), ISO 27001 (Information Security), ISO 25999 (Business
Continuity) and ISO 20000 & ITI: v3 (IT Service Management).
ITaaS Consulting

 HIGH QUALITY IMPLEMENTATION CONSULTANCY

Our strong implementation capabilities will ensure that benefits of leading standards are fully
materialized in client environment. ITaaS has certified professionals who are also Advisors & Senior
Consultants.
In implementation of governance, security & service management initiatives, we follow maturity
model wherein improvement is achieved in a progressive manner. This reduces the burden on users
in initial phases and allows governance, security & service mindset to be baked-in strongly inside an
organization’s culture.
It has been our experience that governance and security failures mostly occur as a result of weak
implementation of technology and impractical policies and procedures. Our experience in deploying
governance & security in large companies gives us an edge in these domains.

 SUSTAINABLE GOVERNANCE & RISK MANAGEMENT

We will provide governance security program & architecture for our clients that are sustainable and
not a onetime effort.
All our procedures will be designed following twin criteria of optimum maturity level and user
acceptance. This will ensure easier adoption of security measures and continued adherence thereto
by users, leading to sustained governance & security.

 TRAINING
We believe strongly in transferring skills and knowledge. Our highly quality training courses will
allow development of good governance & security skills amongst our client personnel.

Our architecture is designed to be scalable for future requirements of users and bandwidth. It will
protect existing investment and have limited upgrades for future needs.

Our Clients will benefit from our strong support system and our high responsiveness to customers.

 LONG TERM PARTNERSHIP

Security requirements change with time as new threats evolve, new technologies are adopted and
new vulnerabilities are discovered. Working with us, Our clients will have the benefit of latest and
advanced security solutions even in future. We are a company focused on security and therefore
spends considerable efforts in keeping the skills up-to-date to secure new IT services such as cloud
computing. Our consultants are part of several technology forums and are always bent on learning
several new methods for protecting information. Such knowledge enables us to be at the forefront
of security technology and will be beneficial to our clients in future.

Also, our focus on training and skill transfer will ensure continuous skill up-gradation of our clients’
personnel. Our clients see a long term partner in ITaaS Consulting believes in long term relationship
with its clients and takes a partnering approach.

*****