Company in the field of Contact Center and provider of technology solutions consolidated as one of the main players of market with more than 6,000 employees and 4,000 active service positions. Highlighting the outsourcing of infrastructure, SAC (Customer Service), Billing, Telesales Solutions and Back Office.

What we do?
Gap analysis in SI according to ABNT NBR ISO/IEC 27001:2013 and Annex A.

Maturity analysis of ITSM processes using the COBIT 5 PAM (Process Assessment Model) methodology.

Development of analysis of gaps of compliance for LGPD 13.709/2018 according to ISO/IEC 27701:2019.

Development of the personal data inventory and RIPD (Data Protection Impact Report) resulting in the risk map for privacy and personal data, as well as the planning of strategies and actions to mitigate them.

Implementation of privacy governance: policies, procedures and necessary training.

What do we add?
Vision and understanding of IS, privacy and personal data risks for senior management providing focused action and perception of the organization's customers regarding the importance and actions of IS and company privacy management.

A provider of consumer credit financial services, under the regulation of BACEN (Banco Central do Brasil), operating through online services and Banking Correspondents (CB) throughout the national territory. Supports the granting of credit to one of the largest retail chains in the country.

What do we accomplish?
Gap analysis in SI according to ABNT NBR ISO/IEC 27001:2013 and Annex A.

Maturity analysis of ITSM processes using the COBIT 5 PAM (Process Assessment Model) methodology.

Development and implementation of the Corporate Information Security Policy (PSI) in conjunction with the IS education and awareness program.

Development of the compliance gap analysis for the General Data Protection Law (LGPD) 13.709/2018 in accordance with the ISO/IEC 27701:2019 standard.

Development of the personal data inventory and RIPD (Data Protection Impact Report) resulting in the risk map for privacy and personal data, as well as the planning of strategies and actions to mitigate them.

Implementation of the OneTrust platform: Data mapping, Assessment automation, DSAR (Holder Rights Portal), cookie management and supplier risk management.

Development of the Information Security Management Program (SGSI) intertwined with the requirements of BACEN's normative resolution 4.658/2018, which provides for the cyber security policy and the requirements for contracting data processing and storage and computing services in a cloud.

Development of a process for contracting and managing data processing and storage and cloud computing services in accordance with BACEN normative resolution 4.658/2018. Process structured in the best practices of the CSA (Cloud Security Alliance).

What do we add?
Vision and understanding of IS, privacy and personal data risks for senior management providing focused action and perception of the organization's customers regarding the importance and actions of IS and company privacy management.

Vision and understanding of the importance of internal preparation for managing third-party services (suppliers) mainly cloud computing services.

Company that directly employs more than 500 people, contributing to Brazilian food production, as well as to the advancement of productivity and efficiency in the countryside and in the city, in addition to developing social and environmental actions in favor of the community.

What do we accomplish?
Gap analysis in SI according to ABNT NBR ISO/IEC 27001:2013 and Annex A.

Maturity analysis of ITSM processes using the COBIT 5 PAM (Process Assessment Model) methodology.

Development and implementation of the Corporate Information Security Policy (PSI) in conjunction with the IS education and awareness program.

Development of the compliance gap analysis for the General Data Protection Law (LGPD) 13.709/2018 in accordance with the ISO/IEC 27701:2019 standard.

Development of the personal data inventory and RIPD (Data Protection Impact Report) resulting in the risk map for privacy and personal data, as well as the planning of strategies and actions to mitigate them.

Implementation of privacy governance: policies, procedures and necessary training.

OneTrust platform implementation: Data mapping, Assessment automation, DSAR, cookie management, supplier risk management, incident management.

What do we add?
Vision and understanding of IS, privacy and personal data risks for senior management providing focused action and perception of the organization's customers regarding the importance and actions of IS and company privacy management.

Company that provides complete and integrated solutions for benefit management (PAT), finance and fleet with national coverage.

What do we accomplish?
Development and implementation of the Corporate Information Security Policy.

Development and implementation of a new network architecture considering the premises and best practices for Information Security required by the business.

Preparation of the IS management structure, indicators and IS awareness processes to achieve PCI-DSS certification.

Wireless network development and implementation.

Implementation of network structure and services for video conferencing.

Framework deployment for ADC (Application Delivery Controller) with intelligent application balancing.

Systemic development and implementation of ITSM disciplines management: service request management, event, change and incident management.

Development and implementation of critical business event monitoring.

What do we add?
Considerable reduction in the unavailability of applications and services, expansion of the security level of the organization's service structure.

Company created in 2005 to provide digital services in IT and Telecom, it operates throughout the national territory with VoIP, CRM, and IP PABX telephony services.

What do we accomplish?
SI gap analysis according to ABNT NBR ISO/IEC 27001:2013 and Annex A.

Maturity analysis of ITSM processes using the COBIT 5 PAM (Process Assessment Model) methodology.

Development and implementation of the Corporate Information Security Policy (PSI) in conjunction with the IS education and awareness program.

Development of compliance gap analysis for the General Data Protection Law (LGPD) 13,709/2018.

Development of the personal data inventory and RIPD (Data Protection Impact Report) resulting in the risk map for privacy and personal data, as well as the planning of strategies and actions to mitigate them.

Implementation of privacy governance: policies, procedures and necessary training.

Data Officer Service (DPO as a Service – DPOaS).

What do we add?
Vision and understanding of IS, privacy and personal data risks for senior management providing structured action and perception of the organization's customers regarding the importance of actions for IS management and automation in the processes for privacy and personal data management by the company.

Company engaged in retail sales of home appliances, furniture, clothing, perfumes and other consumer items. Sales are carried out in more than 400 stores throughout the country and through digital services. With approximately 5,000 employees and a base of 7 million customers, this company's understanding of supporting the customer safely and keeping their personal data under the scrutiny of LGPD 13,709/2018 made possible a joint project with Noussec.

What do we accomplish?
SI gap analysis according to ABNT NBR ISO/IEC 27001:2013 and Annex A.

Maturity analysis of ITSM processes using the COBIT 5 PAM (Process Assessment Model) methodology.

Development and implementation of the Corporate Information Security Policy (PSI) in conjunction with the IS education and awareness program.

Development of compliance gap analysis for the General Data Protection Law (LGPD) 13,709/2018.

Development of the personal data inventory and RIPD (Data Protection Impact Report) resulting in the risk map for privacy and personal data, as well as the planning of strategies and actions to mitigate them.

Implementation of privacy governance: policies, procedures and necessary training.

Implementation of the OneTrust platform: Data mapping, Assessment automation, DSAR (Holder Rights Portal), cookie management, supplier risk management, Data Discovery and consent management.

What do we add?
Vision and understanding of IS, privacy and personal data risks for senior management providing structured action and perception of the organization's customers regarding the importance of actions for IS management and automation in the processes for privacy and personal data management by the company.

Companies that provide supplementary health services that are components of the Unimed Brasil business ecosystem, under the regulation of the ANS (National Supplementary Health Agency), considered a national reference.

What do we accomplish?
SI gap analysis according to ABNT NBR ISO/IEC 27001:2013 and Annex A.

Maturity analysis of ITSM processes using the COBIT 5 PAM (Process Assessment Model) methodology.

Vulnerability analysis and exploitation (PenTest).

Development of the compliance gap analysis for the General Data Protection Law (LGPD) 13,709/2018 in accordance with the ISO/IEC 27701:2019 standard.

Development of the personal data inventory and DPIA (Data Privacy Impact Assessment) resulting in the risk map for privacy and personal data, as well as the planning of strategies and actions to mitigate them.

Development of the governance program for privacy and personal data (PIMS) intertwined with the requirements of normative resolution RN 443 of the ANS.

Development and implementation of the Privacy and Personal Data Policy together with the respective processes, education and culture (training) in the management of personal data.

Implementation of the OneTrust platform: Data mapping, Assessment automation, DSAR (Holder Rights Portal), cookie management and consent management.

What do we add?
Vision and understanding of IS, privacy and personal data risks for senior management providing focused action and perception of the organization's customers regarding the importance and actions of IS and automation for the privacy management of companies.