Security Review
Providing Australian businesses peace of mind through the understanding of your security risks and conducting a comprehensive information security assessment to provide a cyber security roadmap.
SECURITY REVIEW
Every day we hear stories about identity theft, hacking or data breaches. At SACKO we can provide a comprehensive Security Review of your network to identify any problem areas.
With more and more people working from home, remotely, hot spotting, the need to protect our valuable information is critical. The information we save on our devices varies:
- personal identity,
- banking and financial details,
- intellectual property.
Our electronic devices are essentially an unlocked back door into our homes.
Our team can review this for you. They will identify any concerns and work on a solution to best suit your environment.
Areas covered in review:
- Anti-virus software
- Network Firewalls
- Hardware and software security (up to date and authorised by business)
- Adequate passwords and MFA (Multi Factor Authentication) across the business
- Backup processes
- Disaster recovery plan
- Staff security awareness
- IT Security Policy
We'll show you where and how to protect your business. Contact SACKO today to book in a Security Review.
Ph: 1300 072 256
Phase 1:
Initial Consultation
During the initial consultation phase, the consultant will meet with key stakeholders to understand your business and its cyber security security needs. The consultant will also review the organisation's existing information security policies, procedures, and practices. In this stage, the consultant will also request information about any third party partnerships or platforms that may contain company or client information.
Phase 2:
Exam and Analyse
In the exam and analyse phase, the consultant will conduct a thorough review of the organisation's information security systems and practices. This may involve reviewing documentation, interviewing key personnel, reviewing key systems and configurations, and sometimes conducting an onsite physical security review.
Phase 3:
Report and Consult
After the exam and analyse phase is complete, the consultant will compile a report detailing the findings of the information security audit. The report will include a summary of the organisation's current information security posture, a list of identified security risks as well as associated recommendations for improvement. The consultant will then meet with key stakeholders to discuss the findings and recommendations within the report.
Information Security Assessment timeframe
The 3 phase approach can then be customised to suit your timeframe and requirements,
however, it will typically be a 4 week timeframe with the following breakdown of tasks:
Week 1:
Initial Consultation
Holocron consultants will meet with stakeholders in your organisation to understand the business and its cyber security needs. In addition, the consultant will request access your organisation’s existing information security policies, procedures, and practices, so this can be reviewed. Gathering information and contact details on any third party companies or platforms will also be required.
Week 2:
Exam and Analyse
Holocron consultants will conduct a thorough review of your organisation’s information security systems and practices. This will involve reviewing documentation, observe processes, and test systems and controls. The aim is to gather data and evidence to help evaluate the effectiveness of your organisation’s information security practices.
Week 3:
Compile Report
The consultant will then begin to compile a report detailing the findings of the audit. This report will entail a high level essential 8 reviee, individual findings for all aspects of the assessment, including physical security, third parties, physical infrastructure, network devices and policies and procedures. An internal peer review will then fellow, where follow senior consultants will review to ensure accuracy of findings.
Week 4:
Consultation
The consultant will then meet with key stakeholders in your organisation to discuss the findings and recommendations in the report. The final information security audit report will be presented and provide recommendations for improving the organisation’s information security systems and practices.
The Information Security Audit process
An information security audit is a process of reviewing an organisation’s information security systems and practices to ensure that they are adequate and effective in protecting the organisation’s sensitive data and systems from cyber threats. During an information security audit, the consultant will typically review a wide range of areas related to the organisation’s information security posture. This may include: