The e-Sure methodology is not based on a single concentrated effort, but on a continuous process, assuring the maintenance of high level information security, as long as the system is e-Sure certified. The standard contract term is 3 years.

The risk created by new threats, new exposures, or some internal change of the system’s parameters, demands periodic security check ups. Therefore, in addition to the close security support provided, periodic penetration tests will be performed every year. An external penetration test will be performed, simulating an uncertified access attempt from outside the organization.

Using their vast experience and access to information sources (such as ISCA’s knowledge bases) Comsec’s experts are aware of every new threat, sensitive breach or new tool for unauthorized penetration. During the periodic penetration tests, Comsec’s experts will examine the effect of new threats/tools/breaches on the certified system. The proposed interval for the e-Sure periodic penetration test of the online systems set as minimum one time every year.

Optionally, your organization may choose shorter intervals between the tests for an extra cost.