Regulation & Standards Compliance
Organizations handle sensitive information on a daily basis – whether personal information, critical infrastructure systems, financial information, intellectual property or sensitive government information – and all of it is subject to laws and regulations for protecting that information. Meeting these standards enables an organization to operate and to cooperate with international organizations and global commerce.
CST assists organizations in understanding the laws and regulations they must follow to protect information, guides them through the compliance process, including risk assessment and risk management, and helps them meet the requirements of the standards and become certified.
We can help you with your ISO 27001 accreditation, from assessing your information security against the standard to helping you achieve certification to the ISO standards. We proudly hold a 100% success rate with all customers who have engaged us to help them achieve ISO certification.
Case Example – ISO 27799 – Health informatics: information security management in the health sector.
Compliance project includes:
- Gap analysis against the current ISMS
- Risk assessment
- Aligning your ISMS with ISO 27001
- Establishing a full procedure kit, including an information security policy and a statement of applicability
- Internal audit
Certification phase – Preparing and accompanying the customer through the certification process.
Case Example – ISO 27032 – a standard addressing the security of online transactions and information exchange over the Internet. ISO 27032 provides a framework for information sharing, coordination and incident handling. The standard facilitates secure and reliable collaboration that protects the privacy of individuals in cyberspace.
In this way, it can help organizations prepare for, detect, monitor and respond to attacks such as:
- Social engineering attacks
- Malicious software (malware)
- Spyware and other unwanted software