Sybrid is a leading Business Process Outsourcing (BPO) company, with ISO 27001 standard ISMS Compliance, that provides technological solutions, software development & hosting services to clients across the world. They have over 2000 employees in their Karachi offices and have a large complex network setup. Sybrid’s network required improvement in its ISMS Compliance for Gap Analysis activities.

Concave FORT’s Cybersecurity Consultancy remained helpful to understand the requirement and propose Governance, Risk & Compliance services based on International Standards to evaluate the effectiveness of ISMS at Sybrid. Moreover, the secure architecture review helped to assess the current maturity of Sybrid’s cyber hygiene using CIS Critical Security controls and to evaluate the current maturity of the Sybrid’s Information Security.

Concave FORT’s GRC experts worked with Sybrid’s QA to collect the documented policies and procedures against applicable controls mandatory for ISO27001 regulatory compliance and evaluated the effectiveness of practices against the defined policies and procedures. The process for a better understating of assets, risk against all the assets, controls applied, and their implementation status was evaluated carefully to identify the Gap and suggest recommendations for improvement in the current ISMS Compliance for IT, Admin, HR, Dev, Finance and other in-scope divisions. Another goal achieved was to enable the stakeholders to have a birds-eye view of all the processes functioning around the organization to develop appropriate policies and take the best decisions for the business’s needs and success.

The final report at the end of the Gap Analysis activity for ISO 27001 Standard ISMS Compliance helped Sybrid to evaluate the effectiveness of compliance with recommendations for improvements throughout the organization. Sybrid is way looking forward to these exercises for its Islamabad, Lahore & Peshawar sites.