Level 1
The company has been audited and drafted an Information Security Policy.
The company has been audited and drafted an Information Security Policy.
The company has implemented the system defined in the ISP and is ready for an audit.
The company has gone through a full audit (policies, penetration test, awareness) and passed all requirements.
The company stays on a security level not lower than AIS 3 requires for more than 1 year. This requires an audit every 6 months.
Ethical hacking is not just about the technical details, but also about looking at the business processes and requirements. Combined them you get value which not just improves your security, but also makes your business more efficient.
ixxxxxxxxxxxxxxxxxxxxx