InfosecPartners can offer advice and guidance on all aspects of information compliance, whether relating to legal, regulatory or internal policy and procedures.
There are frequent news items about well-known brands suffering security breaches and brand damage, highlighting the importance of good corporate information governance. In the UK the vast majority of security breaches are not made public. We help organisations proactively plan how they will communicate and manage compliance gaps and security incidents with their internal and external stakeholders.
Although your legal department may be well versed in the legal aspects of compliance, not least the Data Protection Act, implementing the controls can be complicated, and some of the legislation can seem to offer conflicting advice.
For example, the FSA regulations state that UK financial services organisations should record phone calls. Where the same business takes credit card payments from clients, it is bound by the PCI DSS standards, and PCI DSS mandates that you must not record or store the details of the credit card number, even in voice recordings.
COMPLIANCE AUDIT / GAP ANALYSIS
▪ BS17799 (ISO 27001) gap analysis
▪ Data Protection Act notification and compliance
▪ Human Rights Act, Freedom of Information Act
▪ Intellectual Property Rights, Copyright Law
▪ Asset & software license audit
▪ Formal certification to ISO 27001 & PCI DSS
▪ Ongoing compliance audits
▪ Gap analysis for out of scope systems
▪ Security improvement programme
▪ Maintenance of registration through organisational change
To speak with a consultant or for more information, please contact us today.
By email email@example.com
By phone 0845 257 5903 in the UK
or +44 1256 893662 when calling internationally.