Citadel Information Group, Inc. Information Peace of Mind SM Available — Confidential — Correct Strategy—Technology—Operations—Processes—People Prevention—Detection—Recovery—Compliance As an information security management consultancy, Citadel Information Group provides our clients Discrete and confidential counsel on information security matters Information security reviews and assessments, both management & technical Information security management improvement programs, at both the organizational level and within IT Security incident management, including computer forensics and litigation support   Citadel's information security management improvement programs are designed to Implement an effective organizational information security management structure Securely manage the Information Technology infrastructure Create and foster an information security aware culture   Our information security services are designed in accordance with Information Security Best Practices and focus on the following information security control structures: Enterprise-wide information security management Information security policies Information asset classification and control Security management of the computer and network infrastructure Secure system development and deployment Personnel trust management Physical security Information continuity, including incident response and business continuity planning Compliance with laws, regulations, and norms Review and assessment Information security training & education   Our Total Systems Approach to the protection of critical information assets is is designed to cost-effectively integrate the securing of critical information assets into our clients' business, consistent with their unique business realities Some of the key features and benefits of our approach include Integration of a technology vulnerability review, review of management and employee practices, and external penetration testing, resulting in a more thorough understanding of a client's information security weaknesses with improved opportunities to comprehensively mitigate the client's risks Use of industry standard evaluation methodologies, providing clients with a benchmark of their security controls against emerging standards Findings and recommendations presented at a summary level so as to be understandable to senior management, while detailed enough for implementation by technical personnel Complete and total vendor neutrality with respect to technology solutions, ensuring an impartial evaluation and recommendation process Recommended countermeasures and controls customized to our client's needs and budget-constraints, resulting in greater security "bang for the buck." All recommendations prioritized, resulting in more effective sequencing of information security capacity improving activities Senior management involvement through a review and the decision-making process, so that information security capacity improvement plans are appropriate, realistic, affordable, and achievable Security is integrated into the client's culture, so that change management issues can be more effectively managed   For examples of our projects, see Client Profiles   Information Peace of Mind is a Service Mark of Citadel Information Group, Inc. © Copyright 2002 - 2005. Citadel Information Group, Inc.. All Rights Reserved.