IT Security

 
Information security is of paramount importance to all organisations. With the increasing development of, and reliance on, information technology, it is imperative that organisations protect their critical data assets both for their own operational needs and to ensure the continuing confidence of their clients, customers and partners. Agilient helps organisations with this process.

In helping organisations address information security Agilent focuses on:

  1. Securing their critical assets.
  2. Managing risks more effectively.
  3. Improving and maintain customer confidence.
  4. Demonstrating conformance to international best practice.
  5. Avoiding brand damage, loss of earnings or potential regulatory fines.
  6. Evolving their information security posture alongside technological developments.

Usually information security requires a two-pronged approach.  This involves meeting mandated or regulatory controls and conducting a threat and risk assessment to define appropriate controls. Agilient can help with both these processes.In undertaking this work Agilent uses the full range of ISO 27001 standards, but in particular the following:

  • ISO 31000, Risk management – Principles and guidelines; 
  • ISO/IEC 27000: Information technology – Security techniques – Information security management systems – Overview and vocabulary; 
  • ISO/IEC 27001: Information technology – Security techniques – Information security management systems – Requirements;
  • ISO/IEC 27002: Information technology – Security techniques – Code of practice for information security controls. The latest version of the code of practice for information security controls;
  • ISO/IEC 27003: Information technology – Security techniques – Information security management system implementation guidance;
  • ISO/IEC 27004: Information technology – Security techniques – Information security management – Monitoring, measurement, analysis and evaluation;
  • ISO/IEC 27005: Information technology – Security techniques – Information security risk management; 
  • ISO/IEC 27017: Information technology – Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services;
  • ISO/IEC 27031: Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity; and 
  • ISO/IEC 27032: Information technology – Security techniques – Guidelines for cybersecurity

Agilent can also apply:

  • The Australian Signals Directorate’s Information Security Manual (ISM) and top mitigation control recommendations.
  • The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) Cyber Security Framework.
  • The Commonwealth Protective Security Policy Framework and Standards Australia’s Handbook 167:2006 – Security risk management.

Contact us today to discuss how Agilient security consultants can help you with the Information security and IT Governance process in a way that delivers new insights and tangible outcomes.