Founded in 1996 by experienced IT professionals, ComTec Information Systems Inc. delivers
services that meet the individual needs of our clients.

ComTec provides a complete Integrated Information Security and Risk management solutions for large enterprise clients and small and medium enterprise clients. ComTec’s evolution as a
complete security solution provider began with highly technical network-targeted services for
small and mid size enterprise clientele and large enterprise clients. Since then, we have
expanded our services to include policy, procedure, and governance assessments of best
practices (CobiT, ISO, ISF, et cetera); managed security services for networks; operational risk
assurance such as forensics, incident response, disaster recovery and other ad-hoc consulting;
and, last but not least, application code audits, reviews and penetration tests. Furthermore, our services have improved to provide value to both technical and management audiences in major government and private organizations throughout United States. ComTec's dedication to quality and excellence in both service provision and consulting makes it a leader in IT Security industry.

Our expertise in information security is internationally recognized by both academic and
professional institutions. The majority of our senior resources developed the components of the Information Assurance and Security and Information Security Management. We provide technical security consulting with unprecedented detail and value to organizations throughout United States while sharing our knowledge with academic and non-academic audiences.

ComTec employs experienced network and server security mechanisms used every day by major governmental organizations. Not only are we experienced with the low-level technical network and server security, but our employees are also very experienced with the high-level aspects of information security including policies, procedures and compliancy issues.

As an organization, ComTec has developed a number of innovative network and server
assessment methodologies. Recently, we developed a method to link all of our technical findings directly to a policy or process standard. For instance, as a very basic illustration, systemic technical findings such as patch levels can be associated with more general patch management policies and procedures. Each technical finding can be applied or contrasted against the entire ISF Standard for Good Practice (often, technical findings are in the hundreds of discrete elements). This provides value to clients because it is not a qualitative assessment of policies, but is instead a technical assessment with links to policy failures. This method can be used confirm more traditional assessments of governance models, policies, and procedures including but not limited to ISF, ISO and CobiT.

ComTec has also developed innovative methods to qualify and quantify the value of information for risk assessment models. Since all audiences are not technical, we find that qualifying our findings in terms of business impact or risk is often useful.

In short, ComTec is a leader in highly technical information security services whose excellence is recognized internationally by both private and public institutions and organizations.