SOLUTIONS

Management Systems, Compliance and Personal Data Protection

Consulting

We support your organization to comply with applicable regulations and ensure the protection of personal data.

Protection and privacy of personal data

We implement strategies for the protection and privacy of personal data in compliance with standards and regulations, such as: ISO/IEC 27001, ISO/IEC 27701, PAV and GDPR.

Improving internal control and regulatory compliance

We establish an internal control system that allows our clients to mitigate risks and comply with the provisions of different applicable regulations, such as: SOX, PCI, CNBV, SAT, CNSF, etc.

Governance, Risk and Compliance (GRC) Systems

We implement and put in place systems that facilitate the identification and grouping of regulatory and contractual requirements, in order to manage and monitor the risks inherent to the company's operation and avoid possible non-compliance.

Management Systems

We define, implement and ensure the certification of Management Systems based on international standards, such as:

27001 Information Security
27701 Data privacy
22301 Business Continuity
20000 IT Service Management
56000 Innovation Management
37000 Anti-bribery
9001 Quality
14001 Environmental
42001 Artificial Intelligence
45001 Occupational health and safety
26000 Social Responsibility

Audit

Compliance audit.
We perform objective and independent reviews regarding compliance with reference frameworks or regulations, verifying the existence of controls and running tests to validate that they operate and fulfill their purpose (SPEI, STP, SPID, INDEVAL, SOC I and II, SOX, PCI, ISO/IEC 27001, LFPDPPP, etc.).

Training

Culture and consciousness. Raise awareness and train your employees on information security and cybersecurity issues, minimizing the risks caused by people.
ISO/IEC 27001 Information Security Management
  • Fundamentals, Implementation and Auditing
ISO/IEC 27032 Cybersecurity management
ISO/IEC 27701 Privacy Information Management
  • Fundamentals, Implementation and auditing.
ISO 22301 Business Continuity Management
  • Fundamentals, Implementation and auditing.
ISO/IEC 31000 Risk Management
ISO/IEC 20000-1 IT Service Management 
  • Fundamentals, Implementation and Auditing
ISO/IEC 9001 Quality Management
  • Fundamentals, Implementation and auditing.
Personal Data Protection
  • LFPDPPP (Ley Federal de Protección de Datos Personales en Posesión de los Particulares) (Federal Law for the Protection of Personal Data in Possession of Individuals).
  • LGPDPPSO (Ley General de Protección de Datos Personales en Posesión de Sujetos Obligados) (General Law for the Protection of Personal Data in Possession of Obligated Subjects)
  • PAV (Binding Self-Regulatory Parameters)
  • GDPR (General Data Protection Regulation)