Apache has assisted a number of leading organisations implement Information Security Management Systems in line with recognised international and national standards for security management. These include Oceanis Australia Pty Ltd, SEQ Water and Powerlink Queensland.
These standards address the three main principals of Information Security Management.
Apache uses the following process to deliver the solution:
- To identify the knowledge assets of the organisation. This is knowledge the organisation has acquired over the years regarding markets, products, technologies and processes that a business owns or needs to own and which enable its business processes to generate profits.
- To consider the risks to these assets.
- Unavailability of the system or network,
- Unauthorised access to information,
- Loss of information through theft,
- Loss of information through fire or other emergency,
- Loss of availability, integrity or confidentiality through the action of malicious software,
- Loss of availability, integrity or confidentiality through Hacker attack.
- To implement a security infrastructure to ensure that information is shared on a need to know basis.
- Development of policies and procedures to be implemented that addresses and minimise the possible unauthorised use, accidental modification or loss of information assets. These information assets are critical to a business’ daily operations and include documents, files, electronic data the software or systems and networks on which information is stored processed or transmitted.
- To develop a Business Continuity Plan to be implemented in the event of a disaster. In plain language, BCP is working out how to stay in business in the event of disaster. Incidents include local incidents like building fires, regional incidents like earthquakes, or national incidents like pandemic illnesses.