Our Latest Articles
Frequently Asked Questions
Information is an asset to all individuals and businesses. Information Security, in general, refers to the protection of these assets in order to achieve Confidentiality, Integrity and Availability.
- Confidentiality: protecting information from being disclosed to unauthorized parties.
- Integrity: protecting information from being changed by unauthorized parties.
- Availability: to the availability of information to authorized parties only when requested.
Information security management involves a combination of prevention, detection and reaction processes. It is a cycle of iterative activities and processes that require ongoing monitoring and control. The cycle includes the following:
- Assessing security risk: performing security risk assessment to identify threats, vulnerabilities and impacts
- Implementing & maintaining a secure framework: defining and developing policies, assigning responsibilities and applying safeguard measures
- Monitoring & recording: monitoring and recording constantly so that proper arrangements can be made when tackling a security incident
- Reviewing & improving: conducting periodic review and security audit to make sure that adequate security controls are meeting security requirements
Our partner’s premium awareness training is at a price-point that won’t break the bank. Check out their pricing here.
A security audit is a complex task requiring skilled and experienced personnel; it must be planned carefully. To perform the audit an independent and trusted third party is recommended. This third party can be another group of in-house staff or an external audit team, dependent on the skills of the internal staff and the criticality/sensitivity of the information being audited.
