• Digital Security Assessment
In an increasingly digital world, digital-attacks on human rights defenders have become an everyday reality. DIGA has seen that Human Rights Defenders should reduce their organization's and personal security risks and work towards safeguarding their information systems. Digital security assessment is among the core elements of what DIGA does.

Our team of experts help to check organizations security posture and:

• Identify Security Threats and Gaps


• Assess the level of security risks


• Recommend Effective Security Measures

At every step during the assessment process, DIGA customizes the assessment to meet the organizations' security needs. We follow the risk assessment methodologies based on security best practices and we also use recommended security auditing frameworks and benchmarks such as SAFETAG

The purpose of an audit is to act as a checklist to the organization's security infrastructure and policy and how they are applied. A team of experts from DIGA conducts an organizational review to ensure that the security infrastructure and the policies are being followed to the dot. In this process, employees are interviewed regarding security roles and other relevant details.
DIGA see the need for Audit and assessment because among others, it improves:

• • System reliability & security:
  
  IT systems and infrastructure must be reliable, secure and not vulnerable to hacking, spywares among other risks, this calls for audit and assessment.
  



• • Risk Reduction:
  
  IT audit also helps to reduce risks of data tampering, data loss or leakage, service disruption, and poor management of IT systems. Audit provides feedback on the most at risk routes into organizations. Experts from DIGA will try to get into the assessed organizations' systems by any means possible, like a real world attacker would. This could reveal lots of major vulnerabilities.
  



• Identifying threats potential:
  
  DIGA has observed that Digital security assessment helps to identify dangers that have the potential to impact system security such as human threats, environmental threats, to technical threats.
  



• Vulnerability identification:
  
  DIGA believes that System vulnerabilities provide the opportunity for an exploit to occur; logically, therefore by definition, without a vulnerability present there is no risk, while with a vulnerability the risk can be potentially tremendous. Many of these vulnerabilities in system software, procedures and internal controls are the result of a control not being applied.
  



• Determine risk level:
  
  After the assessment by the expert team from the DIGA, the findings are useful to help examine the likelihood of risk occurrence and the impact. Therefore, the recommendations / mitigations are given to the assessed organization and hence it has the opportunity to mitigate the risk through the application of additional controls.
  



• Risk response:
  
  When risk evaluated is at the level where attention is needed (e.g., a high or medium risk, or a combination of multiple types of low risk), management must decide which approach to take. Audit and assessment therefore help in achieving that objective.
  

So, DIGA conclude by saying that digital security is key to the operation of any organization. However, owing to the fact that digital threats evolves daily, the risks are broader. At DIGA, we offer security audit and assessment services to the needy.