IT Security-related services that we can offer include systems audits, contingency planning, systems security reviews, business impact reviews, and Disaster Recovery planning for computer and telecommunications systems.
BS 7799, the code of practice for Information Security Management, can help promote the need for business continuity at board level. It has recently been issued as a worldwide ISO Standard (ISO 17799), providing greater acceptance within the business and government communities.
The Business Continuity benefits of BS 7799
With many organisations implementing e-commerce, there has never been a better time to focus on BS 7799. Each year, repeat surveys are conducted which show security to be the greatest concern as companies become more dependent on the Internet. The three core values of BS 7799 - namely confidentiality, integrity and availability (or CIA) - provide direction and guidance based on the lessons learnt from the 10 leading companies who originally helped developed the Standard.
BS 7799 covers a risk reduction process to help prevent e-commerce security breaches and has been proven to help companies win new business.
CompCom can assist in the implementation of an information security management process to help reduce security risks and ensure your critical business areas can continue in the event of an unforeseen incident. Our consultants can use their experience to speed up the implementation of a viable information security management process.
You can obtain more information concerning BS 7799 from the BSI's web-site
The Turnbull Report, Risk Management and Corporate Governance
Since December 2000, all companies listed on the Stock Exchange must implement the findings of the Turnbull report on corporate governance and implement a risk management process to protect shareholders' interests. In addition, there is a requirement for a statement to be made in the annual report with an explanation of the controls in place. Auditors are already checking the risk management process and are setting up lucrative services to help their clients implement the controls.
Although Turnbull covers the wider aspects of falling sales and external forces affecting companies, it also raises issues pertinent to information security and business continuity. Even Government and Education departments are realising the benefits of implementing Turnbull, as many of them are effectively running a business as part of their services.
CompCom can help your organisation to set up a process covering areas of risk identification and the implementation of appropriate controls. This proven approach will satisfy the auditors and, more importantly, help you to run your business more effectively. Our methodology includes:
A downloadable version of the Turnbull Report can be obtained from the Institute of Chartered Accountants' website .
- risk identification;
- risk prioritisation;
- appropriate and cost-effective control measures;
- establishing the culture and internal training;
- the review, reporting and update process.