The key goals of Information Security are ensuring that an organisation’s information:
- is kept confidential and disclosed only to authorised persons,
- has sufficient integrity so as to be relied upon for its intended purpose and
- is made available to authorised persons as required to perform their duties.
 Information Security Management is a distinct part of Operational Risk Management (ORM) and should similarly be concerned with maximising the value to the organisation by expending the least amount of resource to reduce the greatest amount of Information Security risk.
Chase Cooper will work with you to:
Perform Information Security health checks
- Review of existing IS policies, best practices and the governance model
- Gap analysis to standards
- Information Security Risk Assessments using Chase Cooper’s award winning Risk and Control Assessment methodology
- Information Security Maturity Assessments
Implement Risk-Based Information Security (adhering to ISO 27002 / BS 7799)
- Review ISM strategy
- Review/Update ISM policies
- Carry out ISM Risk Assessment
- Assist in mitigation strategies for Key Risks
- Advise on changes required to achieve desired ISM maturity
Implement ISM Awareness Programmes
- Identify key ISM risks and controls affecting personnel, customers or other parties
- Develop effective communication and awareness strategies
- Assist in deployment of resulting programmes
|
Information Security Management (ISM)
