
Navigating the minefield of compliance regulation within the information industry is difficult and can be a challenge for even the largest enterprise. Usually, compliance with these standards is considered as an afterthought. However, organisations can use these standards to implement a more effective security strategy. Typically, some of the compliance requirements are:

  • PCI (Payment Card Industry Standards)
  • APRA (i.e. PPG234) - Australian Financial Sector
  • ISO 27001, 27002 (International Information Security Standards)
  • Industry standards such as OWASP and OpenSAMM
  • Privacy Standards of Australia (Data & Security)

Typically, every business is driven by a particular standard. In some cases, such as the Privacy Standards, every organisation in Australia must comply with the default set of standards. Understanding your legal requirements for compliance with relevant standards, and then adopting a maturity approach to the compliance program, are the first steps in implementing an effective security compliance program.

Maturity Baseline Assessment
This is usually the initial step in understanding your compliance drivers and risks within the organisation. This small engagement runs for approximately a week (depending on the size of the organisation) and allows our team to interact with relevant business owners within your organisation. The objective of this assessment is to take existing standards (mentioned above) and provide an alignment (gap analysis) with an additional plan to help increase the maturity within the organisation.

Compliance & Audit Implementation
This is typically a larger project within the organisation and is spread over a period of time to help minimise the impact associated with cultural change within the organisation. Taking the previous plan developed, the Appsecure team can help to implement the strategy within the organisation and develop guidelines and patterns for the technical and business teams to use.

Contact us today to discuss with our strategic and governance team how we can help to ensure you comply with relevant industry standards and implement an effective security program.

 

Copyright © 2018 - 2020 Appsecure Pty Ltd  |  ACN 132 491 644  |  info@appsecure.com  |  02 9160 7045   |  BRISBANE - SYDNEY - MELBOURNE - CANBERRA