Information and communication technology (ICT) today forms the basis of nearly all business processes, and the idea "he who owns the information owns the world" is now more relevant than ever. In short, in today's world one of the most valuable assets of an organisation is information. It has a huge impact on many social processes, and that is why the appropriate protection of a company's data is an essential prerequisite for competitiveness and development, and why inadequate protection may result in significant implications for an organisation, including the termination of operations. Unfortunately, many such cases have been observed in the past few years. KPMG offers information security (IS) services that offer protection to both the organisational and technical aspects of a company’s business.
We provide the following core services:
• Penetration testing
• Employee information security awareness assessment (social engineering)
• Network infrastructure protection analysis
• Application system protection analysis (including mobile and web applications)
• Information security management system (ISMS) implementation and assessment under ISO/IEC 27001:2013
• Designing employee information security training programs
• Creating organisational and administrative documents on information security
• Implementation and assessment of the current situation in information security in accordance with Data Safety Standard Payment Card Industry (PCI DSS)
• Analysis of the information security risk management system of second tier banks in terms of compliance with risk management and internal control standards.
• Adjustment of personal data processing in accordance with the requirements of legislation of Kazakhstan, regarding personal data protection.