Cyber Assurance Programme
Our Cyber Security protection programme is designed to make it easier for organisations to implement good security practices in order to provide assurance that cyber security risks are under control.
The following list describes the key components of our Cyber Assurance Programme. Each component is available as SaaS:
1: Establish an Asset register – Do you understand what you are trying to secure? Create and maintain an up-to-date inventory of your assets. See our Intelligent Asset Manager solution.
2: Assign responsibility for security and tell staff – Unless the organisation appoints individuals to undertake specific security roles or tasks in order to make security part of business-as-usual, it’s very likely your programme will fail. Its critical that staff see that management place some priority on maintaining cyber security. And it doesn’t have to be overbearing, if you chose to automate aspects of your compliance programme.
3: Undertake Risk Assessments - Identify the risks to which your computer systems are exposed. It’s important to understand the threats and vulnerabilities your systems are exposed to and consider the impact, should the worst actually happen. This is known as ‘taking a risk based approach’ which means you focus on minimising those risks that are unacceptable and put the organisation at risk.
4: Implement your controls to minimise the risks – by taking a ‘risk based approach’ your risk assessments will show where your risks are. You will use controls such as anti-virus, firewalls, multi-factor authentication, staff training on security and others, as a way to lower the high risks to the business. Controls do not necessarily involve additional costs. For example, having an effective patch management process is the control required to minimise the risk of a software based security risk.
5: Establish Cyber Security Policies and Procedures - It’s essential to establish an easy-to-read, easy-to-understand cyber security policy set, that informs staff of the organisation’s cyber security expectations and what they need to do. See our Good Cyber Security Policies and Procedures
6: Policy Document Management – Keep the policies real. Check that key documents are still current and still fit for use within the organisation. Policy document management is a process that helps make sure the document set remains up-to-date and in alignment with the organisations compliance obligations.
7: Train staff – Its critical that staff are trained on cyber security, in a way that is easy to digest and doesn’t take up too much valuable staff time, otherwise how will they know what to do?
8: Perform checks to make sure that the policies and procedures are being followed – If you don’t check that your policies are being followed or the processes and controls are working as expected, how do you know that security is being maintained? Its important to check periodically that your cyber security programme is operating.
For queries and pricing details do contact us below to discuss.
+44 (0)203 397 0142
DLP Assured Services Limited
152 - 160 City Road