In these circumstances, it is vital to assess and regularly re-assess the security of information held by your organisation. Are your processes compliant with data protection law and best practice requirements such as the Payment Card Industry Data Security Standard? Are staff at all levels aware of how vital information security is to your organisation and its customers? Is your technology hardened against attack and regularly tested against intrusion?

Socitm Consulting carries out a wide range of security and compliance reviews based on ISO 17799 and ISO 27001 standards which include:

• Information Governance and Compliance strategy development
• Sanity checks and gap analyses on current strategies and processes
• Identifying your key information assets, assessing current threats and vulnerabilities to them, specifying and costing risk mitigation measures
• Awareness raising workshops, staff training and other aspects of implementing security policies
• Penetration testing
• Advice on Data Protection, Freedom of Information, PCI-DSS, ISO 17799 and ISO 27001 compliance
• Programme managing standards compliance

Our security reviews are all the more effective because security isn’t our total business. We use multi-disciplinary teams which combine specialist security consultants and others with an in-depth knowledge of the breadth and depth of information governance and compliance requirements across both the public and independent sectors. This means that you get a solution which is technically rigorous but also aligned with your business objectives and tailored to meet the needs of an organisation which is heavily governed by legislation.

If you would like to discuss how we may be able to help you in this area, please call us on 0845 450 0904, email consulting@socitm.gov.uk or use our online enquiry form.