The business environment is constantly changing and new threats and vulnerabilities emerge every day. Organisations need to identify vulnerabilities and threats to their information resources and decide what countermeasures, if any, to take to reduce the risk to an acceptable level, based on the value of the information resource to the organization. Of course, the process of risk management is an ongoing, iterative process and must be repeated indefinitely.
Information Security is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of an organisation’s information resources. It is a general term that can be used regardless of the form the data may take. Information security can also be viewed as the balanced protection of the Confidentiality, Integrity and Availability of data, while maintaining a focus on efficient policy implementation and no major hampering of organization productivity.
TwoBlackLabs provides a range of Information Security services that allows you to assess or review the risks associated with your information resources and allow you to make informed decisions. Services include:
Provision of security advice for programmes and projects
Security risk assessments
Security control reviews and audits (e.g. NZISM)
Security maturity level reviews
Protective Security Requirements (PSR) returns
Development of security strategies and policies
Management of security breaches
Development and assessment of security requirements for RFPs
Development of certification and accreditation (C&A) frameworks
Completion of certification and accreditation (C&A) for products and services.