“Real-world activities and methods were provided by BAU to give life to the ISO 27001 standard, rather than it being just a box-ticking exercise. We cannot recommend Business As Usual highly enough”
Information Security Consulting
About this service
We regularly conduct Information Security Management System (ISMS) consulting projects and hence are at the forefront of this critical cyber security space. Our clients include large and complex organisations, both government and corporate, across various sectors.
Since 2006, we’ve specialised in the following Information Security standards: ISO 27001, ISO 27002, ISO 27032, ISO 28000, APRA’s Finance Sector InfoSec standards, ITIL and COBIT related security guidelines, SOC2, NIST and other common InfoSec standards and guidelines.
Framework & Implementation
Are you keeping up with regulatory requirements and expectations from your customers? Our best practice checklists and frameworks have provided hundreds of clients with the confidence to operate within industry regulation and requirements.
Furthermore, many organisations find themselves focused more on compliance than on the actual business benefits of having a solid Information Security process in place. Delivering peace of mind for senior executives, middle management and staff is just as important as meeting external requirements.
Our dynamic frameworks and practical procedures assist organisations with constructing or refreshing their Information Security practices into easy to maintain systems—and hence they feel confidently prepared should they ever need to act.
We customise our own templates, as well as ISO and other reference documents, to your environment. We handhold your InfoSec staff, and broader workforce, to fully understand the contents of these templates without it being a boring burden!
The benefit of our internal pre-audit assessments is a capability statement that’s specific to your organisation. You’ll receive prioritised action points for improving your Information Security process prior to an external audit and enjoy the confidence that our comprehensive approach leaves no stone unturned.
Awareness workshops
A document full of procedures and controls is absolutely worthless until all staff know their role in the InfoSec process, and where their responsibility starts and ends.
We use innovative techniques to facilitate engaging and realistic awareness sessions to ensure optimal learning by all participants and create support, enthusiasm and buy-in across your organisation.
Your team will learn through engagement and participation as we integrate realistic challenges and situations into common scenarios, ensuring that your organisation is best prepared for an event.
We have conducted process improvement workshops across all sectors, including government, education, utilities, retail, manufacturing, technology, finance and banking, transport and professional services, as well as other industries.
Assessments & Gap analyses
Many organisations are under direct or indirect Information Security compliance requirements from clients, insurers and/or regulators.
Our team of certified experts conducts gap analyses and benchmarking exercises, as well as internal and external audits based on ISO, SOC2, APRA and other standards and regulations that may be applicable to your organisation and industry.
The benefit of our internal pre-audit assessments is a capability statement that’s specific to your organisation. You’ll receive prioritised action points for improving your IS process prior to an external audit and enjoy the confidence that our comprehensive approach leaves no stone unturned.
testimonials
“The pragmatic approach, practical tools and assistance to enhance our organisation’s ISO 27001 related understanding have helped us substantially to increase our capabilities, whilst at the same time understand our opportunities for growth”
How can we help you?
We are always ready to assist you with your Information Security enquiries.
Drop us a quick message and one of our consultants will contact you.
If you prefer to call us, we are always contactable on +61 (0) 2 8078 6940