Compliance Services

Compliance assessments and programs are an effective way to assess your organisations against the requirements of standards, principles and codes of practice whether they are good practice or community and ethical standards.

Information Security Management System (ISO/IEC 27001)

The adoption of an ISMS is a strategic decision for an organisation.

ISO/IEC 27001 is an international standard which has been prepared to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS).

The adoption of ISO/IEC 27001 shows that your organisation has adopted a best practice stadnard regarding information security. The design and implementation of an organisation’s ISMS is influenced by the governance needs and objectives, security requirements and the size and structure of the organisation.

This service aims to establish how well your organisation complies against the international information security standard and whether you have taken necessary precautions to protect their information based on the information security principles of confidentiality, integrity and availability.
Strasan’s ISMS compliance service consists of the following core services:

• Design and Implementation of an ISMS
• Conducting internal ISMS audits
• Addressing issues raised by internal and external auditors
• Providing assistance in ensuring all security policies and procedures are kept current and well communicated
• Ensuring the ongoing collection of evidence to demonstrate a working and operational ISMS.

Strasan has provided advice and assisted many organisations to successfully attain certification to and maintain compliance with ISO/IEC 27001.

Business Continuity Management (BS 25999)

The business continuity process should be developed from the perspective of reducing the impact a disaster may have upon critical business functions and for restoring these functions in the most effective possible way.

The benefits of having working and useful Business Continuity are enormous and may range from proactive actions to prevent loss of business functionality, minimising the amount of “downtime” your organisation has in the event of an emergency, the management of uninsurable risks, greater staff involvement in the business and an improvement in company image.

Strasan follows a phased approach to design a Business Continuity Management System (BCMS) as per BS 25999 for an organization.

Strasan is able to analyse, design and document an effective and efficient Business Continuity Strategy for your business by providing consultants who will gain an understanding of your organisation, its business critical processes and management commitment to continued availability. Using this information, Strasan will then determine the strategy to be adopted and will then develop the business continuity management plan and a test and evaluation period to ensure that the plans remain effective

Benefits of Implementing Business Continuity Management

Some of the benefits of implementing the BS 25999 standard are as follows:

• Provides stakeholders with assurance that risks from potential disasters have been reasonably mitigated
• Provides company personnel with proper procedures in case of disaster
• Ensures a faster and more effective recovery of business operations
• Reduces risk of business and infrastructure loss
• Provides insurance underwriters evidence that the company has properly assessed the risks of conducting business
• Attain the BS 25999 certification
• Ensure compliance with standards such as ISO 27001

Strasan also have experience in facilitating rehearsals to ensure that your organisation and management team are prepared for a business continuity event.