softScheck

Accreditation & Governance

softScheck holds the following accreditations & certifications:

CREST Vulnerability Assessment and Penetration Testing

CREST qualifications are a mark of excellence. Its members, including softScheck, offer a demonstrable level of quality for cybersecurity services through appropriate policies, processes, and procedures. This accreditation ensures the highest standard of penetration testing methodologies in Singapore and worldwide.

Licence for Penetration Testing from the Cyber Security Agency of Singapore (CSA)

Licence for Managed Security Operations Centre (SOC) Monitoring from the Cyber Security Agency of Singapore (CSA)

The Cyber Security Agency of Singapore (CSA) has established a licensing framework for cybersecurity service providers under Part 5 of the Cybersecurity Act (CS Act). This framework is designed to enhance consumer protection, reduce information asymmetry, and elevate industry service standards.

softScheck holds the Penetration Testing Service License from CSA since 2022, ensuring better protection of clients’ interests and addressing information gaps between consumers and cybersecurity providers.

Additionally, softScheck has maintained the Managed Security Operations Centre (SOC) Monitoring Service License from CSA since 2024. This licence is vital for actively monitoring digital assets for signs of potential threats.

Overall Impact and Significance:

Regulatory Compliance

Holding these licences demonstrates adherence to Singapore's cybersecurity regulations and standards set by the CSA.

Client Confidence

Clients can trust that licensed providers meet rigorous criteria and are equipped to deliver effective cybersecurity services.

Enhanced Cybersecurity Posture

Organisations benefit from specialised services that help proactively manage and improve their defences against evolving threats.

In summary, these licences from the Cyber Security Agency of Singapore (CSA) signify that the holders are recognized and authorised to provide essential cybersecurity services, contributing to the protection of Singapore’s digital infrastructure and supporting the cybersecurity needs of organisations operating within the country.

Data Protection Trust Mark (DPTM) Certification from IMDA Singapore

Protecting our customers’ data is of utmost importance to us. The Data Protection Trustmark (DPTM) is a third-party certification that validates our accountable data protection policies, processes and practices. Stay confident that your data is in safe hands when you work with softScheck!

ISO/IEC 27001:2013 Certified

Being ISO/IEC 27001:2013 certified indicates that an organisation has established an Information Security Management System (ISMS) that meets the requirements of the ISO/IEC 27001:2013 standard.

This certification is a globally recognized benchmark for information security management, signifying that an organisation has adopted a systematic approach to managing sensitive company and customer information, ensuring its protection against potential risks and threats. Achieving and maintaining this certification reflects a commitment to information security excellence and can provide significant competitive advantages in today’s digital business landscape.

softScheck Singapore is ISO/IEC 27001:2013 certified for the Provision of Cybersecurity Consultancy Services.

Conformity with ISO/IEC 27001:2013 means that an organisation has implemented a robust system to manage risks associated with the security of data it owns or handles, adhering to best practices and principles outlined in this international standard.

Cyber Trust Mark

Cyber Trust mark is to serve as a mark of distinction to recognise organisations that are actively addressing cybersecurity risks and maintaining an adequate level of cybersecurity in their environment.

As the risk level of organisations vary, instead of prescribing specific cybersecurity measures, the Cyber Trust mark takes on a risk-based approach to guide organisations in identifying gaps in their implementation of the cybersecurity preparedness measures so that their implementation commensurate with their cybersecurity risk profiles.

There are five (5) cybersecurity preparedness tiers in the Cyber Trust mark certification. Figure 1 shows the indicative target organisation profiles for each tier. Whilst indicative target organisation profiles for each tier are shown against dimensions such as the digital maturity level, organisation size and nature of the industry/business, these are indicative and provide general guidance for organisations.

softScheck has achieved the 4th tier, “Performer.”

Trusted Cloud Consultant

softScheck has been recognized as a Trusted Cloud Consultant by the Cloud Security Alliance (CSA) since January 2024. This designation signifies our expertise in cloud security and our commitment to promoting best practices, standards, and frameworks essential for a secure cloud computing environment.

The CSA is the leading organisation dedicated to defining and raising awareness of cloud security best practices. Being a Trusted Cloud Consultant indicates that an organisation has attained a high level of trustworthiness and expertise in advising on cloud-related security matters.

Being a Trusted Cloud Consultant Signifies:

Expertise in Cloud Security

Trusted Cloud Consultants possess deep knowledge of cloud security principles, practices, and technologies, including cloud architecture, deployment models, and associated security challenges.

CSA Guidance

As recognized consultants, we are well-versed in CSA frameworks and best practices, such as the Cloud Controls Matrix (CCM) and the Consensus Assessments Initiative Questionnaire (CAIQ).

Consultative Role

We provide strategic advice and guidance to organizations seeking to adopt cloud services securely. This includes risk assessment, implementation of security controls, and ensuring compliance with relevant standards.

Trusted Advisor

This designation reflects our commitment to prioritizing the security and privacy concerns of our clients while facilitating the benefits of cloud computing.

Continued Learning and Engagement

Maintaining our Trusted Cloud Consultant status requires ongoing education and active engagement with the latest developments in cloud security to stay updated on evolving threats and best practices.

Overall, being a Trusted Cloud Consultant recognized by the Cloud Security Alliance underscores our competence and credibility in the field of cloud security consulting, affirming our role as a trusted authority in cloud security standards and practices.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.