|
Information Security Governance
CISO / CPO
Advisory Services
Having a good Information Security story to tell
prospective customers and business partners is
a differentiator in the marketplace and a regulatory
requirement in many businesses today. Now, more
than ever, businesses of all sizes and vertical
markets face challenges in maintaining information
assurance and privacy. With recent Federal legislation
in traditionally regulated industries, Information
Security and privacy are legally mandated. Few
businesses are in a position to respond quickly
and effectively to legal and regulatory requirements
and outside assistance may be needed.
A limited-engagement Chief Information
Security Officer (CISO) or Advisor can quickly
jump-start your company’s Information Security
Program, assess the existing program, map a standards-based
strategy and manage implementation of your company’s
Information Security Program. Many small to mid-size
business don’t need a full-time CISO, only
periodically to make occasional course corrections.
Larger businesses may need to bridge a personnel
gap while searching for a permanent candidate.
JBW Group International will provide CISO expertise
with an Information Security Program that addresses
your company’s business objectives.
Information
Security and Privacy Culture
Even the best Information Security Program is
not worth the paper it is printed on if the organization
does not embrace Information Security at all levels
of the organization. JBW Group International has
teamed with Roland Sullivan and Associates, globally
recognized as an authority on concepts of Organizational
Change (OC), to develop a methodology to instill
security as a basic value and Information Security
as a core competency for any organization.
This multi-phase practice uses time-tested
OC processes to transform the culture of the organization,
making every contributor a stakeholder in creating
and achieving the Strategic Information Security
objectives for the organization.
Security
and Privacy Awareness
Even if your business has a solid Information
Security Policy in place, if your employees can’t
benefit from the guidance it contains, the policy
is meaningless. It may even introduce additional
exposure to your operation. JBW Group International
can develop and deliver Security Awareness training
for your organization or simply assist you in
deploying your own program.
Information
Security Policy Assessment
Information Security Policy is management’s
documented direction and guidance to the organization
for protecting the confidentiality, integrity
and availability of the organization’s critical
information. After identifying and assessing risks
to your business, an assessment of your company’s
Information Security Policy is the next logical
step. Reviewing the organization’s policy
documentation will identify gaps both in the implementation
of controls and in the policies themselves. JBW
Group International can assist your organization
in developing information security policy conformant
with the framework of international standards
that will reflect strategic business objectives
and provide the basis a sound Information Security
Program.
|
