Advisory Services

ISM/IRAP Consultancy

If you view or store Federal government information, you might be required to follow Federal government security standards such as the Information Security Manual published by the Australian Signals Directorate.

We can provide consultancy on the development of a compliant environment and this includes providing you with the complete set of documentation requirements. We also provide IRAP assessment services so you can certify and accredit your environment.

Information Security Audit

We can perform tailored information security audits that assess whether your organisation’s current procedures, controls and processes within the Information Security Management System (ISMS) are in line with information security standards, regulations and your organisation’s policies. The audit will allow you to determine whether your ISMS is implemented and maintained effectively and efficiently.

Our audits help you assess how effective your controls are and they fit into the Plan Do Check Act framework for an ISMS.

It’s important you conduct regular audits at planned intervals to identify whether information security controls:

• Meet your organisation’s business strategy and risks regarding to information security.
• Are effectively implemented and maintained.
• Are defined using a risk based approach and there is an updated set of policies and standards that have been approved by management, and have been published and communicated to employees and relevant external parties.

 Services

Services include:

• PCI-DSS gap analysis
• PCI-DSS onsite analysis
• ISM documentation development and consultancy
• IRAP Assessment
• Information Security Audit

Browse our other GRC Advisory services:

• Information Security Framework (ISO 27001)
• Business Continuity Management (ISO 22301)
• Mandatory Data Breach Compliance