Information Security
Policy Development and Auditing
In today's inter-connected, computerised world, businesses are increasingly dependent on their information systems. These systems, such as CRM, ERP and e-mail, are pervading the entire organisation. All of this makes information an essential business asset affecting competitive advantage, profitability and commercial image.
The threats to information are coming from a growing range of sources. These include computer-aided fraud, vandalism, damage by a disgruntled employee, downloading viruses, fire and water damage. To compound the problem, the sources of damage, such as viruses, hacking and denial of service attacks, are becoming more common, more ambitious and increasingly sophisticated.
In this environment it is essential that organisations value and protect their information resources. Furthermore, it is a legal requirement of the Data Protection Act that "appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data".
Nemea Consulting have developed a number of services to help organisations develop and maintain an Information Security Policy so that they can counter these threats and secure their information.
The Challenge
Understanding the complexities and requirements of Information Security, including asset valuation, risk assessment and risk management, is a specialised task.
Most organisations have too many conflicting demands on their limited resources without having to include another that requires skills and knowledge that are not transferable to other functions.
Furthermore, understanding the issue is only part of the problem. Knowing how to counter threats, and how to develop and communicate an Information Security Policy and associated procedures, are the key skills that are needed.
How Can We Help?
The core of Nemea Consulting's approach to Information Security is suitability and appropriateness. Because all organisations are different, we believe that it is essential that the appropriate level of protection is identified and implemented rather than some standard "one-size-fits-all" solution.
We can provide qualified Information Security personnel to conduct a Risk Assessment of your organisation and complete Risk Management to identify countermeasures to identified threats. Working within the framework of the British Standard Code of Practice for Information Security Management (BS7799:1999, now ISO 17799) we can provide a solution that meets all levels of requirement including full compliance with BS7799.
We have developed a three-stage approach to delivery:
- Value your information assets.
- Identify threats and vulnerabilities.
- Recommend how those identified risks can be met.
The key deliverables from undertaking such a programme include:
- An audit report identifying actions required to counter threats.
- An Information Security Policy.
- Where necessary, Information Security procedures.