Information Security

Having worked for over 15 years in both Financial Services and Legal Sectors we have witnessed an explosive growth in the need for information Security due to the demanding levels of compliance demanded by regulatory authorities.

This demand has spawned a whole new industry in its own right.

To many business leaders  “Information Security” is all about having a Information Security Policy in place.

However as every business is different then its virtually impossible to have a one size fits all policy that can be adapted to any company. Trying to do this can lead to a policy that is so onerous that it can be virtually impossible for people to comply with. More importantly is that it may not address the real information security threats to their business.

We have worked with a number of businesses to help them achieve regulatory compliance using ISO27001 and PCI-DSS.

We believe that a pragmatic approach should always be used.

The starting point for this is a risk assessment of your information security requirements. We will help you identify and document all your information assets, their vulnerabilities and the threats against them.
From this central risk register, changes can be identified and then implemented which will address each risk in question.

The end result will be an active Information Security Management System that is designed around and works with your business.

Unfortunately their is not one size that fits all when it comes to Information Security as each business is different.

So if you would like to apply a pragmatic approach to IT and Information Security then contact us now.

Find out more with this Information Security Review tool