Consultants were engaged to develop an Information Security Framework to achieve compliance with the Australian Government’s Information Security Manual (ISM). A formal gap analysis was initially completed through documentation review, engagement with key stakeholders and with reference to the ISM.
An integrated suite of documentation was designed and developed to meet the needs of each relevant requirement within the ISM. This process required the conduct of several cybersecurity threat and risk assessments, which detailed the risk profile for the organisation.
Delivered through an ‘in-house’ service model, whereby personnel are engaged over an extended period, the project was delivered to specification and on-budget.