Meet your compliance and regulatory obligations
Show your customers you have your security under control with the international standard ISO27001. Recognised across the world, the standard provides a risk based approach that will optimise your security controls, leaving you with efficient and effective security. In addition, the standard is auditable, meaning you can show your customers your ISO27001 accreditation.
Volkis provides gap analysis and implementation services for ISO27001. We will walk you through the complete implementation of the framework in your environment, dealing with the different stakeholders in the business to ensure the project is a success.
Volkis can help your organisation gain alignment and maintain compliance with the NIST Cybersecurity Framework. This framework provides a sensible baseline of security that is appropriate for all organisations. It is split into five sections: Identify, Protect, Detect, Respond and Recover.
As part of our NIST compliance services, Volkis can guide you through using the NIST framework to enhance and optimise the security of your organisation. Whether you aim for full compliance, or you incorporate a subset of the framework into your security strategy, we can provide the visibility, analysis, policy and process development, and advisory services you require.
The ACSC has published eight essential security controls that it believes are appropriate for all organisations. These are:
- Application whitelisting
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
- Daily backups
Volkis has built an assessment methodology that can test your organisation against the ACSC Essential Eight Maturity Model. This assessment methodology uses automated and manual tools and techniques to test which controls are in place and which controls and what maturity level each control aligns to in your organisation.
Volkis consultants can then provide recommendations and advisory services for improving the maturity level of your organisation and gain alignment with the standard. This can be used to show your clients and government agencies you have the baseline of security in place.