With the fluctuating state of the economy, regulatory and compliance requirements are increasing world over. At AGC, our customized IT Governance, Risk and Compliance (IT GRC) service offerings come through our experienced and certified GRC consultants. With these, we help you meet all requirements, manage and maintain your business more efficiently as well as enhance the level of various compliances within the organization, helping your business flourish.

We offer IT GRC consultancy and audit services and provide services for implementing ISO 9001, ISO 27001, ISO 20000, BS 25999, the IT part of Sarbanes Oxley Act, SAS70 and other similar compliance requirements for Information Systems (IS).

Our IS audit services encompass information security, network security, application security, database security, OS security and operational security. We have conducted in depth code review of applications, and remote security management framework and have sound experience in conducting application audits using ACL and conducting vulnerability assessment/penetration testing. We also offer consultancy for PCI DSS compliance. We have carried out IS audit for many fortune 500 companies world over. These audits ranged from information security, network security and specific application audits to detailed code review and compliance audits for ISO 27001, SOX, ISO 20000 and other internal compliance audits.

• Consulting and managing services for ISO 27001, ISO 20000, ISO 22301, ISO 9001
• Integrated management systems for all management system standards
• Consulting and managing services for IT SoX, PCI DSS, SAS 70 (SSAE 16), HIPAA
• Implementation of ITIL, COBIT framework
• Internal audits for applications, database, operating systems, networks, security infrastructure, etc.

Enterprise Security Solutions

• Web application firewalls
• Data leak prevention
• File integrity
• Public key infrastructure
• Intrusion prevention

Information security/GRC Consulting Services-

• IT Governance
• Data Privacy
• Ethical Hacking (VA/PT)
• SSAE 16- (SOC1 SO2) Certifications
• ISO 27001
• ITIL
• ISO 20000
• ISO 22301
• ISO 9001
• PCI DSS
• HIPAA
• Data Protection Act
• HIPAA
• IT Sox etc.

Technology Implementation & Support-

• IT Governance
• SIEM
• WAF/DAM
• NAC
• Identity Management
• End Point Protection
• PKI
• DLP
• File Integrity
• Authentication
• Wireless Security
• Security Operations- Remote or Onsite Monitoring & Support

• AGC is empanelled as an IT Security Auditing Organization with CERT-In (Indian Computer Emergency Response Team). This is a part of the Government of India's Ministry of Communications and Information Technology - a national nodal agency for responding to computer security incidents.

• AGC has the capability to execute assignments for organizations of various sizes and spread across geographies. Examples:

• Execution of consulting assignment covering 100+ locations globally for a fortune 500 company
• Provision of consulting services to a leading Indian IT service provider to achieve establishment of multiple standards like Integrated Management Certification (ISO 27001, ISO 20000, BS 25999, ISO 9001)
• Implementation of high end compliance solutions at very sensitive departments like the Indian Navy, Nuclear Power Corporation of India and the Municipal Corporation of Greater Mumbai
• Provision of consulting services to one of the largest Telecom providers enabling them to be the first IT Service Management Certified (ISO 20000) company in India
• Successful conduction of IT Security audits on an annual basis on various IT infrastructures, networks and applications across industries like BFSI, IT & ITES, Manu, Service Providers, PSUs, Pharma and more

• AGC has highly focused domain knowledge with a competent delivery team comprising of qualified and certified security professionals with certifications like CISA, CEH, CISM, CGEIT, CRISC, Lead Auditors for ISO 9001, 27001 and 20000, ITIL V3 foundation and CBCI.

We at AGC provide entire information/compliance life cycle management from classification of information to implementing the right technology and processes to getting appropriate certification and managing the information /compliance/certification on year on year basis