General FAQs

What is information security?

Information security is all about protecting important information, both in electronic and paper form, from unauthorised disclosure, modification and loss. This may include your customers’ personal information, employee information, business contracts, marketing strategies, credit card details, etc. We advise organisations on how to implement appropriate and cost effective solutions to keep their valuable information secure.

Why is information security important?

The rapid growth of information technology and the Internet have afforded organisations huge increases in efficiency, but have also made information much easier to copy, modify or delete. Organisations are increasingly reliant on information to achieve their objectives. As such, they must ensure that their information remains accurate, confidential and is available when needed.

How will an information security strategy benefit my business?

An information security strategy will help you to identify the most important information within your organisation and the main risks to that information. This understanding will allow you to focus on the high risk areas and allocate resources where they will provide the most benefit.

Demonstrating effective management of information security can also provide reassurance to clients that they can trust you to keep their information secure.

To find out more, download our free whitepaper on the business case for information security.

Do you only assess the security of digital information?

No. Information security should encompass all forms of information, including paper documents. Most organisations have at least some reliance on paper documentation, so it’s important to consider the risks associated with this information too.

What is ISO 27001 certification?

ISO 27001 is an international standard providing guidance on designing, implementing and maintaining an Information Security Management System (ISMS).  Certification to the standard provides independent assurance that an organisation has well managed systems in place to secure its valuable information.
ISO 27001 has been designed for organisations of all types and sizes. It is just as relevant in a 10 person organisation as a 10,000 person organisation.

If implemented well, ISO 27001 can provide an organisation with an efficient, functional and maintainable system for managing the security of its information.

What are ISO standards?

ISO, the International Organization for Standardization, is the world’s largest developer and publisher of International Standards. It is a network of the national standards institutes from 160 countries, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. So far it has developed over 18,500 International Standards on a variety of subjects.

The standards are designed to facilitate trade, spread knowledge, and share technological advances and good management practices. ISO standards avoid having to reinvent the wheel. They distil the latest in expert knowledge and make it available to all.

Being certified to ISO standards shows that an organisation has reached an international standard of best practice in that particular field. This levels the playing field and allows for transparency when comparing organisations’ capabilities.

To find out more, call us in Melbourne today on 1300 977 774.