RAC ISSEC is a methodology developed by RAC that offers practical and interconnected IS security examinations during every phase of the IS lifecycle, directly at the customer’s site and on their systems, including Internet penetration testing.

RAC ISSEC focuses on IT technologies, but also examines the security of their implementation and operation, as well as all other security layers: physical, personal, administrative and organizational (ISMS).

RAC ISSEC is designed in compliance with ISO/IEC 27002:2005 and ISO/IEC 27001:2005 standards. It is used as a diagnostic tool and process for IS risk analysis, selection of controls, security testing and audits, and it supports and functions as a practical part of ISMS implementation and operation.