Why you might need this service
Most companies rely on digital offerings and services as part of their day-to-day business, but wherever there is information technology there is also an element of information security risk, meaning organisations may, at
any given time, experience some form of threat from cyber criminals.
If your organisation wants to demonstrate a commitment to safeguarding customer data and ensure the business is protected against a cyber-attack, or if you want a base-level security certification to demonstrate you have key technical controls in, the Cynergy Governance service will review and advise the right certification for your organisation.
Reassure customers: you are working to secure your IT against cyber-attacks
Cynergy Governance is structured around your business, your business needs, and your internal capabilities with respect to Cyber Security. Our accreditation partners are brought in when you are ready to undertake accreditation reviews and we work
with you to ensure success.
The service is delivered through a blend of on-site and remote support and is comprised of a current state assessment, followed by a governance model designed to meet your specific requirements. The service can be a one-off assessment or an ongoing engagement and includes a review of the following:
- Business strategy, current governance and operating models and priorities. Identifying key stakeholders.
- Relevant regulations, and their scope. Identifying strengths and weaknesses.
- Operational landscape, such as technology, outsourced services, and third parties.
- Capabilities, capacity, and supporting cyber security activities.
Strategy Alignment – Ensure strategic alignment of information security in support of business objectives
Risk Management – Manage and mitigate risks and reduce potential impacts on information assets to an acceptable level
Resource Management – Ensure the efficient utilisation of information security knowledge and infrastructure
Performance Management – Measure, monitor and report on information security processes to ensure business objectives are achieved