In today's dynamic and challenging business environment, Naveg assists clients with quality, innovative and tailor-made solutions. Our dedicated team of specialists and consultants assist organisations with strategy and continuous guidance in implementing IT & Information Security Projects. Ensuring that clients get a return on investments of their initiatives, achieve competitive advantage, and protect sensitive and critical business resources. We provide consulting services that aligned information technology and information security with business strategies whilst, ensuring that the best industry standards are implemented.
The strategic alignment of IT and enterprise objectives has become crucial to the success of business. We help enterprise leaders in their mandate of ensuring that IT processes are aligned with business objectives and deliver value through performance measurement and mitigating risk. These mechanisms which we implement in the organizations enable business and IT people to perform activities and responsibilities which support the alignment of the two and bring about value from IT enabled investments
ISO 27001 CONSULTANCY
Naveg provides ISO 27001 Consultancy services for implementing and reviewing an Information Security Management System (ISMS), which is the system that an organisation must have in place to be certified to ISO 27001, or to follow the guidelines in ISO 27002.
We provide an ISO 27001 Gap Audit to determine areas in your current security policies, procedures and practices that need improvements to meet the requirements of ISO 27001. Naveg can assist you to determine:
- The scope of the ISMS
- The risk assessment process
- The security policy, procedures & guildlines
We also assist in getting the right certification body to certify your ISMS.
Effectively managing risk is essential to an enterprise’s success, hence in this technological era many organizations are faced with regulatory and compliance changes. The need to keep up with compliance and the ever-changing technological trends has increased. Therefore, alignment and integration of IT risk and enterprise risk is critical. With that said our IT risk methodologies addresses the ability to deliver IT services that enable enterprises to perform day-to-day operations with systems that are mission-critical.
Cyber Security Incident Response (CSIR) encompasses a number of different disciplines, including digital forensics, business continuity and information security management. Naveg is able to offer our customers a comprehensive and professional service through which incidents can be planned for, managed, and responded to, effectively and quickly. We provide this service through our unique blend of technical experience, including penetration testing, auditing, training and project management, and our intimate knowledge of business processes and operational management across all sectors.
A penetration test is a set of procedures designed to bypass the security controls of an IT system in order to test that system’s resistance to attack.
Essentially it is a form of ethical hacking to identify and assess vulnerabilities in your computer systems before they are found by the wrong people.
Regular pen testing will provide management with confidence that the organisation’s IT systems are secure from attack and provide reassurance to customers (who are more aware than ever before of the potential threat of online information theft) that their data is adequately protected.
Network Penetration Test
Identify vulnerabilities exposed through your internet gateways to external attacks on your systems.
Web Application Penetration Test
Ensure that your websites, web shops, intranets, extranets and web based applications are secure.
Mobile App Penetration Test
Check your mobile apps and related web services for mobile app specific vulnerabilities.
Internal/external Penetration Test
Assess risks posed by hackers or malicious employees with access to your internal systems.
Check resilience of staff and technical controls to social engineering attacks, which include phishing, telephone social engineering and physical intrusion testing.
Privacy compliance has become a prevalent public and private sector business concerns due to an increasing number of regulations designed to protect unauthorised access to personally identifiable information. For example the Protection of Personal Information Act no. 4 of 2013 (POPIA) and General Data Protection Regulation (GDPR).
Our data protection and privacy experts have broken down the requirements of data protection law, including POPIA and GDPR, to provide you with a simple, flexible, cost-effective and intuitive solution to meet your data protection and privacy obligations.
With data growing exponentially in the information age, it has become vital to the companies’ strategy to tap into the organizations big pool of data for strategic purposes like discovering trends and using analysis to study trends and patterns which will optimize and give the organization strategic edge in moving forward. Our team of professionals help your organisation plan and lower resource wastage through diagnostic, preventive and detective techniques from data repositories.
We cover the following fields: Database Technologies, Data Quality, Data Integration, Data mining, Business Intelligence Management Solutions, SaaS BI, Business Analytics, Corporate Performance Management and Data cleansing.
Projects are usually delayed, over budgeted and/ become non-profitable for organisations. We have a pool of highly experienced individuals who are PMP certified. We pride
ourselves in the application of the principles of PRINCE2 and PMBOK guide. We not only guide clients in objectively forecasting their ROI but also ensure cut costs, establish auditability and visibility, manage IT-related risks and increase project information progress accuracy. Our professionals will guide your enterprise to bring reward for you IT investments and portfolios.
In a world where data and asset loss is common, enterprises are faced with challenges of data retention and backup in case of unforeseen disasters. Our team help assists organizations setup a disaster recovery program and back up contingency plan.
Deciding what to outsource and what to retain in-house has never been easy. But in today’s tough economic climate, reducing costs while making the right sourcing choices is a tricky balance every organisation must master to achieve the desired benefits. There is need to create relationships that address near-term cost objectives, but also allow for longer-term scalability, enhancements and innovation with growth returns. We can you achieve this.
Information Technology (IT) is becoming increasingly important to the business strategy, operations and internal audit of most organisations today. An increased dependency on technology to deliver meaningful benefits to an organisation can raise additional issues of security, integrity and control. At Naveg, we understand how vital it is to manage these business and regulatory concerns. Our IT Assurance & Auditing (ITAA) department can help protect your organisation’s information systems, ensure compliance with regulatory requirements and provide insights to leverage IT controls to reduce costs and gain competitive advantage. Our ITAA division offers IT Audit, Governance, Risk and Compliance attestation services.
Audit designed to address risks which are pervasive across the IT environment.
Audit designed to address application specific risks during input, processing and output.
A technical security audit of your network or applications will provide assurance that the architecture, configuration and development have been carried out in line with best practice and in line with standards such as ISO 27001.
Information Security Audits are an essential tool to ensure that you have the necessary security policies and infrastructure in place to protect your computer systems and the information that they contain, and that security policies and procedures are being adhered to.
We offer a range of Information Security Auditing services, including:
Network Security Audit
Assess the security policies, procedures and infrastructure that you have in place to protect your sensitive data and your network against attack.
Application Security Audit
Audit your application software (both web applications and client-server applications) for security issues that would enable unauthorised access to the data that they contain or disruption to the operation of your business.
A review to ensure that an organisation’s third party relationships are in compliance to key supply chain and vendor management practices and legislation. We provide benchmarks against the best in the industry.
A review designed to establish whether IT projects have followed a formalized process and aligned to business requirements. Post Implementation Reviews– audit is designed to establish among others whether the intended objectives of implementing an IT solution are aligned to business objectives, to evaluate the adequacy of procedures and controls over input, processing and output and to identify potential risks and weakness in controls.
This is the identification, extraction, documentation, interpretation and preservation of electronic data, whose disposition may be used in the court of law. We offer: Cyber forensics & Computer forensics
At Naveg we understand the derived benefits that start-ups and SMEs can gain from an effective and efficient IT support holistic solution. Hence, we offer specialized IT support and services for start-ups and SMEs at cost effective packages. With our team of highly qualified technicians and engineers we offer tailor made solutions to help our clients to improve their IT facilities to meet their ever-evolving needs. Our IT support services are dependable and on offer 24/7 for both on-site and remote businesses to help your organization grow and concentrate on its core business.
Our services include but not limited to
Remote IT support
Network installation & configuration
Hardware & software procurement
Sales, Install and upgrade your Anti-Virus software
Backup & recovery
Business continuity and disaster recovery
Regular on-site visits, at a frequency to suit your needs
Technical consultation, including assistance with business projects
Messaging and mobile device email access
Technical troubleshooting covering hardware, software and network systems
Admin upgrades and Microsoft Office installations
Procurement / Installation of business software
Server monitoring and System checks
Monitoring of your third-party hardware maintenance contract agreements
Peripheral hardware set up and configuration: e.g. scanners, printers, digital cameras
Domain name registration & hosting