Our Solutions
Audit & Advisory Solutions
We aid in identifying and evaluating IT security risks, ensuring compliance with South African laws and global standards. Risk X helps you understand the value, weaknesses, and future IT challenges of your organization. Our services equip you to detect and manage risks early on, meeting industry standards. As independent auditors, we verify the effectiveness of your IT systems for regulatory bodies.
GENERAL DATA PROTECTION REGULATION
Our team specialises in all aspects of the requirements from discovery of data locations, to a Privacy Information Management System (PIMS) framework, to the security of the systems that this information is housed on.
ISO 27001:2022
Risk X has developed methodologies over many engagements that assist with governance, policy and the technical controls required.
PCI DSS QUALIFIED ASSESSOR
Risk X’s overall approach and the services it offers to achieve PCI DSS compliance has been tried and tested. As a PCI QSA company we offer both advisory and audit services in this area.
OUTSOURCED CISO
CISO assist and provide quidance with integration of security within business processes. Establishing and retaining the necessary in-depth knowledge can be difficult and expensive for an organisation. Risk X can provide you with the assurance and backup that you require on an ad-hoc or scheduled basis with one of our Outsourced CISOs.
PCI P2PE QUALIFIED ASSESSOR
Risk X is an experienced advisor, and PC SSC qualified assessor of PCI Point-to-Point Encryption (P2PE) Solutions and P2PE Components. Through secure encryption, these solutions significantly reduce merchants’ PCI DSS validation efforts, while providing robust protection of cardholder data from its encryption at the POI device until decryption in the Decryption Environment.
Assurance & Pentesting
Assurance, once limited to IT products and systems, now encompasses broader security objectives like services, processes, personnel, and organizational factors. Stakeholders seek assurance to manage risks, influencing methods and levels chosen. Each organization’s uniqueness requires tailored security measures and metrics to gauge success.
DATA FORENSICS
Risk X provide data forensic service for the identification, preservation, analysis and documentation of electronic data for judicial purposes while maintaining data integrity of our client.
PENETRATION TESTING
Risk X follows a customised testing framework aligned with the NIST-SP 800-115, The Open-Source Security Testing Methodology Manual (OSSTMM) and OWASP penetration testing frameworks.
PCI FORENSICS (PFI & PFI LITE)
Risk X conducts post-incident cyber forensic investigations for compromised payment organisations – to improve intelligence, ensure containment and advise on remediation to prevent re-occurrence.
CYBER INCIDENT RESPONSE
Our Cyber Incident Response service minimises the impact of a cyber incident on your organisation by reducing downtime and losses – operationally, financially and to your organisation’s reputation and brand.