Infosec Services assists its clients to manage their business risks due to potential security issues with key information assets and operations. As businesses become evermore dependent upon their IT and information systems, there is a greater need for protecting these core assets and operations.

Additionally, with the recent development of increased attention to corporate governance, the security of the core business assets stored and processed on information networks is gaining an increased focus from senior management.

But information security is not black magic, as many consultants and ‘security experts’ would have you believe!  Nor is it achieved by the purchase of a single technical product – information security is a holistic management program that achieves a cost effective regime for asset and operations protection. Infosec Services has a combined 30 years of experience that help clients establish and review such programs.

Key Controls

We assist clients in developing, designing or to review the effectiveness of the following key controls.

• Information security management systems and programs

• Security policy

• Staff awareness

• Technical controls

• Operational controls

• Detective controls

• Recovery mechanisms and processes.

Key Standards

We believe in the use of standards for cost effective guidance on information security. Two of our specialists regularly contribute to standards development activities. We use the following standards in our work:

• AS/NZS 4360

• ISO/IEC AS/NZS 17799 (ISO 27002 as of April 2007)

• AS/NZS 7799:2 (ISO 27001:2005)

• Queensland Government Information Standard 18 – Information Security

• National privacy principle 4 – Data security

• Technical standards and specification as required