Information is critical to every organization. Increasing dependence on ICT systems for storage, generation and transfer of business information makes the processes for managing those ICT systems vital for businesses to perform effectively and achieve their strategic objectives.
Protecting an organisation’s information in the face of ever-increasing advances in technology is a continuing challenge for management. An adequate level of information security is a basic need for every organisation and today, also due to the locally enacted Data Protection Act 2001, the implementation of information security is a legal requirement for any organisation processing personal data.
Establishing and implementing the right level of information security is of paramount importance to every organisation. “How far should I go?” and “How much should I spend (on information security)?” are frequently asked questions. Finding the right balance, many a times requires specialist assistance.
Our consultants can carry out a high-level security review to assess how your organisation currently measures up to the ISO 27001 (previously ISO 17799 part 2) information security management system standard and recommend steps your organisation could take to improve security in areas of weakness.
ISO 27001 is an established international standard for information security management systems that represents a combination of best in class security practices.
This standard focuses on the protection of an organisation’s information, and the mechanisms for handling it. The standard provides an objective means of measuring and comparing best practice in information security management, and promotes confidence in electronic inter-company trading.
Our methodology addresses all key areas of ISO 27001. However, as every organisation is different, we will tailor the scope of the review to your needs. At the end of each assignment, if there are areas of weakness compared to the standard, we shall develop a plan for addressing these risks. For each risk, we will design and implement the relevant and cost-effective security countermeasures.