It is critical that organisations identify, understand and proactively manage the Threats and vulnerabilities they face, in order to protect customers, stakeholders and ultimately shareholders. Protecting as well as exploiting information assets will effectively drive and maximise business benefits.
The potential implications of poor Cyber Security are significant: financial and reputational damage resulting in an adverse impact on share price and a loss of customer confidence.
Cyber Maturity Assessment Audit
The Cyber Maturity Assessment Diagnostic (CMAD) assesses the level of Information Assurance and Cyber Security maturity in organisations through seven different areas.
The CMAD provides an organisation with an auditable capability to understand the “health” of information, and a Health Check of how information is transacted within the organisation.
Information Assurance Maturity Model
Cyber Security is a rapidly evolving landscape. The Information Assurance Maturity Model (IAMM) and the IA Assessment Framework (IAAF) provide a common set of criteria, based on recognised standards. This allows organisations to assess their Cyber Security and Information Assurance (IA) maturity and to develop and maintain a sustainable capability that provides business benefit and addresses the Threat landscape, incorporating Delivery Partners and/or third-party suppliers.
ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.
Cyber Essentials is a government-backed Cyber Security certification scheme that sets out a good baseline of Cyber Security suitable for all organisations in all sectors. The scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.