Berigo's services for your increased security
We help you secure your values
Our gap analysis is a technique where we compare the company's documentation with the regulations, laws or standards. Compared to an audit, where random checks are performed, in a gap analysis we make a complete review
Risk and vulnerability analysis
Assessment of risk is most often demanding and requires high academic demands. We often see that method improvement is not being worked on for risk analysis and risk evaluation. Berigo works with ISO 31000 as a starting point for risk management. Together with the client, we map where it is appropriate to carry out analysis. Our risk analysis involves a detailed assessment of consequences, probability, uncertainty, risk sources, among others.
We are certified and perform audits in accordance with Audit Guidelines NS-EN ISO19011: 2018, such a quality audit is a review or review. The audit shall confirm or confirm compliance between the practice and the practice to be complied with to meet requirements. Our specialty areas are in ISO 9001, ISO 27001, ISO 27701, the Power Preparedness Regulations, the NIST Cybersecurity Framework. As well as auditing the supplier's compliance with the agreements entered into.
ISO9001, ISO27001 and ISO27701
Standardization saves time and money
A standard is something that one chooses to follow, either because one sets quality high but can also be to meet a requirement set by partners or authority. Our specialty is information and technology assurance as well as quality management systems. Assignments we can manage and carry out include to comply with regulatory requirements - such as NVE's requirements in the Power Preparedness Criteria, ISO9001, ISO27001, ISO27701 to name the most in demand. We also work with the NIST framework and have good experience of working according to an ISO standard and incorporating security points from NIST.
Don't buy yourself problems
When the contract is signed it is a little late to think about your exit opportunities. You go from being an opportunity with a seller to one that can be demanding, and it is not the gentle seller that takes your inquiries but the delivery device. As we also consume more and more companies that deliver your core systems and store your data, they have relatively great power and can greatly affect your efficiency. What we see increasing is large costs when contracts are concluded and data is to be "shipped" home or to a new supplier. If you can freely upload 1TB data and do it every month for 3 years, what does it cost you to take back the 36 TB that is now on a disk you do not own. Unfortunately, the examples are many.
Contact us for references.
We do not share information about our customers here, they deserve the protection sensitive information requires.
Your supplier's mistakes = your mistakes.
End to end
Wing to wing
An exhaustive document review
There are very few companies that do all their IT operations themselves - we are all consumers of different suppliers. We see that too many people do not have adequate follow-up on whether the supplier is fulfilling its obligations. If your supplier violates the Personal Data Act / GDPR - then it is your responsibility whether it is your data, your customers. As bad, system downtime can be. We have many examples, follow up your suppliers before it hits you.
Policies and other governing documents are essential to comply with quality requirements, regulatory requirements and to provide control over their own operations.
Following a dialogue with the client, we prepare customized management documents.
We also prepare management documents for those who will comply with ISO9001, ISO27001, ISO27701. This does not require the purchase of software, but many have systems that we want to use.
Gap analysis provides 1: 1 mapping of your compliance, it may be legal requirements or a standard. This is a sure method of achieving full compliance and can be a preparation before the supervisory authority carries out the audit.
Audit, and Audit Batch Frameworks - vs gap analysis.
An audit looks at parts of an area, and during one audit program, the goal is to achieve continuous improvement. We revise according to ISO19011.