This large Australian Government agency maintains large quantities of personally identifiable information, financial records and sensitive official information and outsources IT services to a variety of service providers. The agency requires that all key ICT systems undergo regular IRAP assessments. As such, assessments were performed for the agency’s network infrastructure and a mainframe environment;...
Read More
This Australian government owned organisation provides safety critical services, many of which are reliant on a wide range of ICT and OT systems. The organisation required all ICT system to be IRAP assessed. These assessments covered a navigational system, a communications system and a network management system. The assessments needed to be pragmatic and...
Read More
This project involved support to a major data centre operator during the process of expanding the scope of multiple ISO 27001 accreditations relating to newly constructed centres. New policies and procedures were developed, while others were updated to accommodate the new scope; internal audit procedures were also adjusted to accommodate the expansion. Additional security...
Read More
Consultants were engaged to develop an Information Security Framework to achieve compliance with the Australian Government’s Information Security Manual (ISM). A formal gap analysis was initially completed through documentation review, engagement with key stakeholders and with reference to the ISM. An integrated suite of documentation was designed and developed to meet the needs of...
Read More
This cybersecurity project involved reviewing and updating Acceptable Use of Technology Standards that applied to 30,000 users across the public entity. This was followed by the development and publication of supporting documentation, including Password and User Account Management Standards, Travel Policy and Information Security Exemption Procedures. The aim of this project was to ensure...
Read More
A major Defence Prime contractor required Industry Risk personnel to implement a range of cybersecurity governance measures in order to meet the stringent needs of, and achieve accreditation under, Australian Department of Defence project provisions. The assignment involved development of an initial Statement of Applicability (SoA) following engagement with Defence stakeholders, conduct of an...
Read More