Organisations are increasingly being required to incorporate information security management and governance into their corporate governance arrangements. This is often either through legislation, regulatory pressure or contract compliance. In South Africa, the King Code of Governance (King III) provides guidance on the implementation of information security managements systems in organisations.

 

By working with our experienced and certified consultants, to implement an ISMS, your organisation has an opportunity to plan for security threats, evaluate and rectify weaknesses, and improve your ability to respond to security incidents. Our information security management services are based on the principles of the ISO 27001 standard, the only internationally accepted standard for information security.

 

Information Security management based on ISO 27001 defines an operational model for information security. The model starts off by defining the requirements that need to be satisfied by the organisation. These may include requirements such as PCI, POPI, PAIA, etc. Once the requirements are understood, the implementation of the system will take the form of a recurring process of plan-do-check-act. This cyclical process will ensure that the information security management system is a continuously improving operational model. The efficient operational of the management system will result in a state where information security is under control.