Information Security

Having worked for organizations at various levels of maturity in these functions, we recognize and adopt patterns that led to success and, of course, seek to avoid those which foundered. Whether you are implementing information security management from scratch or improving an existing function, it is worth considering and planning actions over both the short- and long-term because these are complementary approaches. Short-term (tactical) activities can achieve significant improvement in certain narrow areas and, most importantly, can generate the impetus and information to address broader and deeper-seated problems.However, failure to address the long-term root causes of poor information security is one of the most widespread and serious management issues today. An adequate and effective security awareness program must be developed. For responding to technology risks and constantly changing security threats we incorporate a six step approach:

Implement Baseline Controls

IS

Analyze Information Security Risks

IS

Evaluate information processing assets and carry out a risk analysis includes :

IS

Prepare Business Case to Improve Controls

IS

Initiate an Overall Information Security Improvement Programme

IS

Implementation , Deliverance and Maintenance Of The Program

IS