Organizations today face a global revolution in governance that directly affects their information management practices. Following the high-profile organizational failures of the past decade, legislatures, statutory authorities and regulators have created a complex array of new laws designed to force improvement in organizational governance, security, controls and transparency. Coupled with previous laws in these areas and information retention and privacy, these new laws and regulations, together with significant threats of information system disruptions from hackers, worm, virus perpetrators and terrorists create an unprecedented need for a governance approach to information management. Everyone is aware of the need for information security in today's highly networked business environment. Information is arguably among an enterprise's most valuable assets, so its protection from predators from both within and outside has taken centre stage as an IT priority

IT security is one area in which you cannot afford to miss a single detail. All it takes is one missing element in your IT security plan to leave your business open to network attacks and operational disasters, along with the financial and legal consequences they can produce. On top of that, new regulations and standards are being introduced frequently. To help you ensure your IT security documentation is up-to-date with the latest ISO 27000, HIPAA and Sarbanes-Oxley standards, Audit Department can assist you in establishing a comprehensive IT Security Framework for your business.

The critical topics we would like to assess for you are:

  • Risk analysis
  • Staff member roles
  • ISO 27000, 27001 & 27002 Compliance
  • Physical security
  • Facility design, construction and operations
  • Media and documentation
  • Data and software security
  • Network security
  • Internet and IT contingency planning
  • Insurance
  • Outsourced services
  • Waiver procedures
  • Incident reporting procedures
  • Access control guidelines


Once your IT Security processes, policies and procedures are established, Audit Department can assist you in assessing and measuring the effectiveness and the efficiency of your IT Security processes.

To achieve effectiveness and sustainability in today’s complex, interconnected world, information security must be addressed at the highest levels of the organization, not regarded as a technical specialty relegated to the IT department. Our Country offices in London, Hamburg and Milan will be looking forward to your individual requests and can help you in defining the ideal package for your individual requirements. We encourage you to have a discussion with us regarding the questions:

  • What is your information security governance?
  • Why is information security important for your company?
  • Who should be concerned with information security governance?
  • What should information security governance deliver for you?
  • What can do together to successfully implement information security governance?
End of Article
Deutsch English English