Working with third party suppliers
15 February 2023
When it comes to information security risk management, how do you ensure that the third parties engaged to do work for your organisation preserve the confidentiality, integrity, and availability of your information? Often their “work” could include access to your organisation's data, intellectual property, financial, operational, or other sensitive…
Read More
Are your policies fit for purpose?
23 November 2022
Some discussions we had at a recent industry event highlighted how organisations still struggle to draft and deliver policies that are fit for purpose. Three people we met from 3 different organisations stated they had IT polices currently in circulation that are approximately 10 years old. In a separate discussion, someone in an IT Operations role…
Read More
When was the last time you tested your incident response plan?
20 October 2022
In the last few weeks a number of high profile organisations have become front page news due to data breaches.Testing your incident response plan is critical for a range of reasons including – It’s important to confirm that the defined roles and responsibilities assigned to your response team are appropriate. Testing will help team members to under…
Read More
How do you approach security governance?
14 September 2022
Determining the right level of security governance your organisation needs to have in place will assist in controlling and directing the associated IT security practice. When security governance runs well it efficiently coordinates the security activities of the organisation, enabling the movement of security information and associated decisions. T…
Read More
