Information Security Impact Assessment
We remove the potential for introducing risk into the business through new ways of working.
The current crisis is necessitating a change to operational workflows to allow staff to work remotely. Data that previously lived within the confines of corporate networks with well-established security regimes and models is now being presented in a very different way.
This has introduced risk into many delivery organisations:
- Data previously hosted in corporate networks with well-established security regimes may now be vulnerable through home networks and changed working practices
- Staff may not have been briefed on the security implications of home working
- Poor internet speeds or connections may result in staff resorting to workarounds that introduce further risk
To attempt to mitigate this risk, one solution that we offer is Information Security Impact Assessment. We have supported many organisations to develop their information security infrastructure and responses. And the ISIA is one of the core elements in providing assurance to the business around access to data.
We have developed a series of tools that allow a rapid assessment of business setup to maintain their commitments for information security from a technology, a policy and business activity standpoints.
1. The Information Security Impact Assessment approach generates a report detailing findings across eight aspects of the management of security. We compare your situation with a set of benchmarks for your sector and industry in general.
2. The report is written in business terms, aimed at providing senior managers with a comprehensive and accessible situation report. Importantly the documentation will include an action plan, developed with stakeholders across your business, identifying the activities, mitigations and investments required in order to deal with any areas of challenge.
3. Our dedicated Insight Team will generate outputs in a form that will support board or executive presentation. This team will work to the standards and formats used within your organisation.