Spentera

Information Security Compliance Services

Cybersecurity Audit Services

Compliance To Regulation

Ensuring that your cybersecurity meets the standards of the regulatory bodies you operate within is an essential part of our service. We make sure that you are able to do business without the fear of repercussions due to negligence in terms of regulation and legislation. We ensure that every standard and requirement is met and that your cybersecurity matches the accepted standards of practice within your field. Here is a summary of some of the compliance regulations we are able to assist you with, to ensure you are fully operational and that you honor the protection protocols required for both your own organization and the safety of your customers.

Financial Services Authority of Indonesia (OJK) And No. 38/POJK.03/2016 Audit Compliance

This regulation requires banks that fall under the Bank Indonesia’s auspices to practice security risk management in their respective IT departments. To stay in good standing within the banking sector, these banks need to monitor and manage the relevant articles that make up this policy.

CIS/NIST CSF Guidance

Our dedicated cybersecurity team will provide you with the close and personal guidance you need to comply with the CIS/NIST CSF. Under our close guidance, you’ll be able to navigate different requirements and policies of this specific framework, and those that map into it, like the PCI DSS. The PCI DSS (Payment Card Industry Data Security Standard) policy, for example, requires all businesses or registered users to create and use a penetration testing strategy to cover internal and external penetration risks. To make sure that the PCI DSS infrastructure is still working the way it should, all certified businesses or organizations need to conduct penetration testing at least once a year.

ISO 27001

We’ll help you comply with this regulation by maintaining and putting into practice the following sub-controls with each regular compliance check:

A.14.2.8 – System security testing
A.14.2.9 – System acceptance test
A.18.2.3 – Technical compliance review

Index KAMI

The Kami Index measures how mature and complete an information security application is. This assessment is based on the SNI ISO/IEC 27001 criteria, which include:

  • Governance
  • Risk Management
  • Framework
  • Asset Management
  • Technological Aspects (Including Securing the Engagement of Third-Party Service Providers)
  • Security Of Cloud Infrastructure Services
  • Personal Data Protection

Cybersecurity Blueprint Building Program

Your company has its own information security goals and objectives, which it plans to reach by using specific strategies and plans. To make sure that you can comply with these goals and chosen strategies, we’ll help you develop and implement a cybersecurity program that suits your specific needs.

View Our Other Services

network

Network And Server Environment Testing

We continuously serve to detect and understand any potential cybersecurity events, especially those aimed at harmful access.

Learn More
test banner_-5

Red Team
Assessment

Our team is well positioned to respond to and help you recover from any cybersecurity incidents that may occur.

Learn More
Soceng

Social Engineering Testing

In the information security chain, people are often the weakest link. While there is no fixed method for people assessment testing, we use a baseline testing that includes.

Learn More

Do You Want To Secure Wisely?
Contact our team now!