Information Security encompasses Cybersecurity, Governance, Risk Management, and your Compliance requirements.
When creating an information Security Program, care has to be given to ensure that your security program does not become an business barrier, but rather an enabler that is closely tied to IT, OT, Contract Management and business objectives.
What I bring into an organization is a balanced approach with the experiences needed to prevent your security program in limiting your organizational growth.
- Creation of your Information Security Management System (ISMS as defined via ISO/IEC 27001:2022)
- Customize your program to the uniqueness of your organization
- Review and update of your Information Security Policy and all supporting policies that best match your organizational risk tolerance
- Provide guidance on the section and implementation of security systems that best reduce your risk
- Partner with internal teams to ensure that your Risks are well documented and prioritize the ones that have the most impact and likelihood of harming the organization
- Ensure that your Business Continuity Plan and Disaster Recovery Plans complement each other and work