Foresight consultants can assist with all aspects of information security management and advice.
Security program review and development
There are often a number of drivers behind the development of a security program including business and technology initiatives, regulatory compliance and enterprise risk. Foresight can assist in the development of security programs as well as the review of existing programs to ensure an effective and efficient solution.
Foresight has produced numerous information security document suites and frameworks for a wide variety of organisations. Security documentation can include information security policy, system security plans, risk assessment and management plans, technical security documents and procedures. A sound documentation suite is usually built from a security documentation framework. Foresight has experience in producing frameworks for many organisations including government agencies.
A security policy is the cornerstone of an effective security management infrastructure, which defines security objectives and the processes to mitigate risk. Foresight baselines all our services against recognised security standards such as ISO/IEC 27002:2005 while taking into account organisational security requirements. The result is a security policy tailored to your organisation.
System security plans
Many government organisations require the development of system security plans to outline how each system provides security controls and adherence to policy. However, often templates such as the NIST template are too cumbersome or inappropriate for an organisation’s needs. Foresight develops system security plans that address required criteria while minimizing repetition. This results in a plan that effectively meets the organisations requirements.
Security awareness and education
Regular training and awareness are essential elements to building an effective information security program.
Foresight can provide training programs for general information security awareness as well as specialized requirements on regulatory compliance issues (e.g. ISM, PSM, PCI, etc.) and technical security areas such as incident management and forensics.
For incident response Foresight can provide onsite assessment, forensics and remediation services should there be a requirement. We can also assist in the development of incident response planning and procedures to ensure that in the event of a security incident, appropriate measures are taken. Additionally thorough planning will assist in minimizing the chance of reoccurrence.
For more information about any of our service offerings, contact us at [email protected].