Services - Threat & Risk Assessments

• The Internet Banking Industry in Australia and other organisations around the world have been subject to various hoax email scams that have aimed to steal and record customer authentication information.
• The 2002/3 and 2003/4 Computer Crime survey showed that IT security continues to grow in importance and cost, with twice the number of respondents suffering a computer security incident in 2002 than was the case in 1999.
• The OWASP Top Ten lists a range of vulnerabilities that continue to occur in the online applications of a range of organisations. TRAs conducted by DotSec during 2002-04 have backed these findings with, in some cases, online applications failing to correctly implement even standard security mechanisms, such as session management.

• Independent Threat and Risk Assessments (TRAs). DotSec works with you to understand your business processes, identify your IT business assets, and assess and manage your risks.
• DotSec security professionals have conducted a wide range of Threat and Risk Assessments (TRAs) and Security Audits for a range of organisations. TRAs are based on standards including AS/NZS 4360, 4444 and 17799, and Australian government standards ACSI 33 (Federal) and IS18/IT&T-14 (State).
• DotSec security professionals have the capability to produce assessments that include all aspects of an organisation, from its policies and procedures to its core service implementations, and from its network infrastructure to its n-tiered application design and implementation.