ADWISERY carried out the project “Information Systems Security Assessment Services” of the Department of Cultural Heritage under the Ministry of Culture

We have provided information systems security audit services involving performance of penetration testing, compliance and information security risk assessment, business continuity and recovery assessment and personal data privacy impact assessment as well as developed a non-compliance action plan and information security risk management plan.

The following information systems security audit services were provided to the Department of Cultural Heritage under the Ministry of Culture (hereinafter referred to as the DCH):

  • Performance of vulnerability assessment and penetration testing of the DCH managed and handled information systems and information technology infrastructure (hereinafter referred to as the DCHIS);
  • Performance of an audit of information systems recovery after an attack;
  • Performance of the assessment of the compliance of the DCHIS safety control measures with the requirements of the Lithuanian legislation and the Lithuanian standard LST ISO / IEC 27001:2017 (hereinafter – the Conformity Assessment) and prepared the conformity assessment report and the non-compliance action plan to elimination of detected non-conformities;
  • Performance the DCHIS information security risk assessment (hereinafter – the Risk Assessment) and preparing the risk assessment report and the risk management measures plan;
  • The DCH provided the results of the compliance and information security risk assessment to the ARSIS system;
  • Performance of the data privacy impact assessment of the following information systems:
    • Register of Cultural Heritage (RCH);
    • Cultural Heritage Electronic Services Information System (CHESIS);
    • Document Management System “Avilys” (Avilys);
    • Financial Accounting Management Systems (FAVS).

The DCH was satisfied with the competence of ADWISERY experts, the ability to delve into the Company’s needs and the deadlines for the implementation of contractual obligations and provided a feedback.