|
|
| You are not logged in. Access is limited. Login or see membership information. • Streetwise Security Zone Community | |
Most Active Members To appear on this list, update your profile, read content, post comments, and post messages.
JOIN NOW and get a free personal membership with one-month free Business Level access to monthly coaching sessions and product discounts. Help for... »» Non-Technical Staff MORE INFO... about The Streetwise Security ZoneYou can also contact Scott Wright
 |
Security and Risk Management Consulting
When you are struggling to balance service delivery objectives, budgets and security risks for your government initiatives, you need a practical view on risk management. Security Perspectives Inc. brings a wealth of experience in government risk management, information security and privacy to help you quickly identify the right balance of risk against controls and security safeguards. Enterprise Risk Management One of the biggest challenges for managing risk within an enterprise is the consolidation and comparison of risks from various management domains. If this is not done properly, it can result in “apples and oranges” comparisons when abstracted from non-executive (technical) languages. Whether you are just beginning the process of integrated risk management or you are trying to align frameworks from different organizational areas, we can help in comparing "apples to apples", and can set your organization up to utilize COTS products for managing all types of enterprise risks efficiently. Policy and Requirements Many individuals see policy as a pain to deal with. But the security of your entire business unit can be impacted by deficiencies in policy. So, it's important to engage team members who understand the value of having the right policies and making sure they are followed. Security Perspectives offers a range of capabilities for assessing and developing policies that are relevant and workable. Threat and Risk Assessments (TRA) The key to achieving a practical balance between the cost of a security program and the risks of information security breaches is in accurately evaluating information asset values, security threats and vulnerabilities. With the right level of analysis you can determine whether your planned services can be deployed with acceptable risk, and within your budget. Security Perspectives draws on its experience and analytical abilities to facilitate meaningful threat and risk assessments that provide concrete recommendations for achieving acceptable risk levels, and can provide extended services for executive briefings to smooth the process. Privacy Impact Assessments (PIA) As governments move more of their business processes into automated and citizen-facing systems, the processes around handling of private information usually need to be reviewed. PIAs typically evaluate the data collection methods, consent processes, usage plans and controls, security plans and controls, access to information processes and verification/correction processes. Moving to electronic service delivery can impact all of these areas. Certification and Accreditation Support Attention to detail can make the difference between having a comfort level with acceptable risk and losing sleep at night, worrying about tomorrow's newspaper headlines. Senior managers who take advantage of the tools of Certification and Accreditation give themselves an advantage by understanding the implications of their risk decisions more fully. Security Perspectives provides efficient system security review services for independent verification of security safeguard implementation. As a trusted advisor or objective witness to secure system deployment, we bring transparency to the process of deploying electronic services. Security Audits Depending on government jurisdictions and industry regulatory requirements, security audits may be required on a regular basis for IT systems. Formal and informal audits provide the evidence required to prove an organization has been exercising due diligence, or can provide the metrics to indicate the need for corrective actions. Security Training If your IT staff has tried the obligatory internal briefings to staff, but the frustration levels and incident rates are still rising, it could be due to a problem with communication styles. IT managers are often justified in believing they have the unique knowledge required to train their internal staff. But they sometimes fail to realize that non-technical staff need more than just a knowledge dump. They need context and relevance, not to mention a patient instructor or coach, to enable an effective transfer of knowledge and awareness. Security Perspectives specializes in providing training and coaching services to staff who have varying degrees of technical knowledge. The feedback we receive tells us that our style and approach to security training enhances the value of the educational experience, and makes students more receptive to the message. For more information, or to engage us, please contact us at: gov@securityperspectives.com or call 613-693-0997 Note: Our exclusive "Work Smart and Work Secure"(tm) and "Streetwise Security Awareness"(tm) services and training provided on our Services page are also available to government organizations.
|
|
|