Cybersecurity Proposal for Digital Remedy
Prepared for:
Angel & Sandesh
Digital Remedy
Prepared by:
Sam Patel
Tiger Advisory
Thank you for considering Tiger Advisory as your trusted partner for your cybersecurity needs. We are pleased to present this Statement of Work, outlining the details of our proposed engagement and pricing for your project. Should you choose to move forward with this, we will then schedule a call to go over the details and send a formalized quote. We appreciate the opportunity to aid you, and we are confident that our expertise, dedication, and commitment to delivering exceptional results will make this a successful partnership. We look forward to the possibility of working together.
Thank you for considering Tiger Advisory.
Purpose
This Statement of Work (SOW) outlines the scope, objectives, deliverables, and terms and conditions for the Penetration Testing engagement between Digital Remedy (hereinafter referred to as the "Client") and Tiger Advisory (hereinafter referred to as the "Service Provider" or "Tiger").
Project Objectives
The primary objectives of this engagement are as follows:
External Penetration Test
To identify vulnerabilities in the external network perimeter, including web applications and network infrastructure.
To attempt to gain unauthorized access to high-value systems, applications, and sensitive information.
To assess the resilience of external-facing systems to common security threats and attacks.
To provide recommendations for mitigating identified vulnerabilities and improving the overall security posture.
To develop a prioritized remediation approach to help address the identified vulnerabilities and minimize risk to the environment.
Internal Penetration Test
To identify vulnerabilities and security weaknesses within the internal network infrastructure.
To assess the effectiveness of internal security controls and measures.
To provide recommendations for improving internal security and reducing the risk of unauthorized access.
Endpoint Penetration Test
API Penetration Test
Scope of Work
Enter scope of work here.
Deliverables
We find success because of our well-proven strategies of collaboration. Working with us means clear communication throughout our process and seamless iterations until your vision is brought to life.
Findings Report
A comprehensive report for each penetration test assessment type (External, Internal, Endpoint and API), including:
Comprehensive Vulnerability PDF Report
CSV Export of Identified Vulnerabilities
Executive Summary Report
Attestation Letter
Timeline & Milestones
Clarium will use two (2) Sr. Engineers for this engagement. The proposed projects will be completed in four (4) weeks. The following milestones will be achieved:
1 week
Project Kickoff Meeting
3 weeks
Scope Definition (Terms of Engagement Specified)
2 weeks
Information Gathering
1 hour
Reporting
1 hour
Client Review Meeting
1 hour
Final Report Submission
1 hour
Project Closure
1 hour
Penetration Re-test Assessment
1 hour
Client Feedback and Evaluation
Total Timeline
~ Four (4) weeks
Meetings & Project Management
To be scheduled by the Parties as needed, during the kickoff meeting.
Tiger Support - Penetration Test Project Manager
The Penetration Test Project Manager serves as the key liaison between the client and the testing team, orchestrating all aspects of the penetration testing project. Responsibilities include defining the project scope, coordinating testing activities, monitoring progress, ensuring ethical and regulatory compliance, delivering clear and actionable findings to the client, providing post-test support, and driving continuous improvement in cybersecurity practices. This role is instrumental in maintaining effective communication, efficient project execution, and client satisfaction throughout the engagement.
Payment Terms & Structure
We work on a flat-fee basis for projects, so we quote you a single project price instead of an hourly rate. The scope of work, complexity of the problem, and a host of other influences are factored into our pricing, meaning every project is different.
Annual External, Internal, Endpoint and API Penetration Tests with Included Re-Test
Tiger Advisory offers an annual pen test for a total budget of $XXXXXX. This service includes:
One comprehensive pen test engagement per year (External, Internal, Endpoint and API Penetration Tests).
A re-test of all critical and high priority findings from the initial pen tests.
A detailed report on the findings of each pen test focus area, including recommendations for remediation.
Semi-Annual External, Internal, Endpoint and API Penetration Tests with Included Re-Test
Tiger Advisory also offers semi-annual pen tests with included re-test for a total budget of USD $XXXXXX. This service includes:
One comprehensive pen test engagement per year (External, Internal, Endpoint and API Penetration Tests).
A re-test of all critical and high priority findings from the initial pen tests.
A detailed report on the findings of each pen test focus area, including recommendations for remediation.
Each Penetration Test Invoiced Separately
Project Total
$XXX USD
On-going Services
On-going Service #1
$XXX/Mo.
We create a direct and responsive line of communication between you and us, ensuring quick turnover on all commitments.
◉ We monitor the status of your website constantly, & guarantee 99% uptime for website factors within our control.
◉ Implement any changes or additions to the CMS or assets. (images, video, link addresses, etc.)
◉ Implement any changes to the layout or copy.
On-going Service #2
$XXX/Mo.
The first step of our Infinite Design Subscription is working with you to build a brand guideline (Colors, Typography, Visuals, Photography) that matches your aesthetic. We adhere to these guidelines strictly when providing designs for almost every medium of content.
You can request designs one at a time, and we guarantee a turnaround time of 24 to 48 hours, depending on complexity.
Here are a few examples of things we can provide designs for:
◉ Digital Marketing Posts (Instagram, LinkedIn, Facebook Posts)
◉ Print Material (Post Cards, Pamphlets, T-shirts)
◉ Newsletter header images
◉ Illustrations or Infographics
On-going Service #3
$XXX/Mo.
We perform SEO audits at the beginning of the month to adjust the content strategy, alt tags and tonality of copy on the website to maximize visibility for the keywords and search results you want to show up for. At the end of the month we provide performance results to compare the effectiveness of SEO strategies.
Payment Schedule:
Initial Payment:
The Client shall make an initial payment of 50% of the total project cost before the commencement of the penetration testing engagement.
Final Payment (Upon Conclusion):
The remaining 50% of the total project cost shall be due upon the successful conclusion and delivery of the penetration testing report and findings.
Payment Terms:
Payment for the Services shall be made by Digital Remedy within thirty (30) days following receipt of Tiger’s invoice. Any and all payments will be made via ACH using the following address and bank information:
BENEFICIARY: Tiger Advisory Associates, LLC
BANK NAME: Bank
ADDRESS: Address
ACCOUNT#: Account#
ABA ROUTING#: ABA routing #
SWIFT CODE: Swift Code
Differentiators
Integrated Global Support
Tiger Advisory seamlessly supports global operations with a US-based team. Tailored solutions efficiently meet client objectives, ensuring a comprehensive approach to achieving success across diverse regions and regulatory landscapes.
Tailored Strategic Approach
At Tiger Advisory, we understand that each organization has unique needs and priorities. Our practical and tailored approach ensures that our solutions align seamlessly with our clients' objectives, delivering tangible results and driving sustainable growth.
Regulatory Excellence
With a proven track record, Tiger Advisory navigates global regulatory complexities adeptly. Engagements with key bodies like OCC, FRB, and FCA showcase our commitment to compliance and staying abreast of regulatory shifts.
Governance and Reporting Expertise
We provide comprehensive governance and reporting expertise, offering valuable guidance to boards, regulators, and senior management. Our commitment to transparency and accountability ensures that compliance and risk management efforts are effectively executed.
Specialized IT Solutions
Our specialized IT remediation services focus on enhancing IT controls, strengthening cybersecurity measures, optimizing data management, and mitigating third-party risks. By addressing critical digital vulnerabilities, we safeguard our clients' operations against emerging threats.
Exceptional Program Management
With a holistic approach, Tiger Advisory maximizes cost efficiency and resource allocation across initiatives. Our seasoned specialists, averaging over 15 years of industry experience, provide expert guidance to navigate complex challenges and ensure long-term success.
Next Steps
After this proposal has been reviewed and agreed upon, please sign the Contract and pay the deposit per the payment agreement.
If you have any questions or concerns, book a meeting with me. Let's talk!
We'll configure the decided channels of communication -- usually email or Slack.
Everything related to your project resides in your Client Dashboard. Here, you can share assets for the website, see designs and track progress with a demo link.
Through our process, we build a Resources Document containing custom resources like relevant access information for tools, assets, brand guidelines or guides on how to best manage your website.