Governance and Strategy
Developing the right strategy for IT governance can be the difference between success and failure as organisations become increasingly dependent on information systems. Heightened concerns from regulators and consumers over the correct use of information, particularly personal data, is perhaps only matched by growing external and internal threats. Many organisations find that to evolve a clear, cohesive, business-focused governance and security strategy, external advice is invaluable – particularly when that advice is based on practical experience of other successful projects.
Our approach
Security Strategy and Business IT Alignment
- Alignment of business with IT
- Defining strategy for two to five years
- Building business cases for security Investments
Policies and Procedures
- Designing frameworks for policies and procedures
- Writing policies and procedures
- Implementation of policies and procedures
- Optimisation - resources and cost
Awareness and Training
- Development of the awareness collateral
- Running awareness workshops (management buy-in)
- Managing awareness programmes
- Compliance management
Security Organisation
- Defining information security hierarchy
- Identifying functions for security management
- Establishing RACI matrix and auditing mechanism
- Outsourcing information security Governance
Identity, Access and Authorisation
- Defining business and technical requirements
- Designing and profiling
- Developing solution architecture
- Process consultancy for efficiency and reduced costs
Frameworks
- CoBiT
- COSO
- ISMS
- ITSM
- ITOGAF