IT Security Frameworks for Risk & Compliance Officers
Do you look after risk and compliance for your business?
If so, you may find yourself looking for a framework or a “to-do list” that will help you guide your organisation through the many steps required to ensure your organisation is compliant with regulation and that your business IT and cyber security needs are catered for.
At Intuity, we travel the world to conferences and seminars to ensure our team are always at the cutting edge of technology, and we like to share our expertise and learnings with our clients as we go.
A recent event was striking in the number of speakers who referred in particular to NIST. NIST is the National Institute of Standards & Technology at the U.S. Department of Commerce, and the “NIST Framework” is a five-step model for improving cyber security for your business, broken into Identify, Protect, Detect, Respond and Recover.
Here at Intuity we live by the ISO Standard. ISO is the International Organisation for Standardisation. They develop and publish international standards across multiple fields, which are then certified by Certifying Bodies appointed by jurisdiction, such as Certification Europe here in Europe.
So for us here at Intuity, the ISO 27001 (ISMS) standard that we have implemented provides a framework for Information Security Management best practice that helps our organisation:
- Protect customer and employee information.
- Provide customers and stakeholders with confidence in how we manage risk.
- Allow for secure exchange of information.
- Manage risks to information security effectively.
- Achieve compliance.
- Protect the organisation’s brand image.
- Build a culture of security.
- Demonstrate compliance with GDPR.
Regardless of your framework, having a set of rules or guidelines to work to is hugely beneficial and will help anyone charged with the responsibility for compliance in their organisation who may be unsure where to start or unsure of the technical specifications required. Having this standard also provides a tool for helping to communicate to, convince and galvanise the senior team.
A great place to start for all of this can very often be Cyber Essentials. This is an entry-level certification programme which will help to get you on the road to NIST or ISO standards.
We can assist and guide you through this journey, having helped many organisations already do the same.
Call us today on 0818 987 900 or email email@example.com