AUDIT
BS7799 gap analysis
Data Protection Act notification and compliance
Human Rights Act, Freedom of Information Act
Intellectual property rights, copyright law
Asset & software license audit

ACCREDITATION
Formal certification to BS7799
Ongoing compliance audits
Gap analysis for out of scope systems
Security improvement programme
Maintenance of registration through organisational change

RISK ASSESSMENT
Methodology and tool selection
Risk acceptance levels, criteria for decision making
Corporate Information Governance
Define risk appetite
Evaluate mitigating controls

POLICY
Policy review
Security policy design and enforcement
Standards & process design
Security roles & responsibilities
Change control management