Our Cynergy Governance services enable organisations to oversee activities relating to Information and cyber security, ensuring they meet the agreed strategic objectives for the business, and contribute to the overall performance of the organisation.
Why you might need this service
Information and Cyber Security is ultimately risk management, identifying those risks that threaten your business’s ability to meet its strategic aims, and mitigating them appropriately against your risk appetite. It is therefore important to establish a governance framework, including roles and responsibilities, that engages stakeholders across the business to review the effectiveness of security practices, make required decisions, and escalate where necessary.
The service is delivered through a blend of on-site and remote support and is comprised of a current state assessment, followed by a governance model designed to meet your organisation’s specific requirements.
Lower Cost – pay only for the support required
Address Market Demand – access the capabilities quickly, reducing the time and cost of attracting and retaining talent
Improve Maturity – deliver effective improvements to security posture through a breadth of experience
Existing Capability – leverage current investment in expertise and technology to enhance security
The service can be a one-off assessment or an ongoing engagement and includes the following;
- Reviewing business strategy, current governance and operating models and priorities. Identifying key stakeholders.
- Reviewing relevant regulations, their scope, and identifying strengths and weaknesses.
- Reviewing operational landscape, such as technology,
outsourced services, and third parties.
- Reviewing capabilities, and capacity and supporting cyber security activities.
Once the assessment is complete, the scope and objectives of the service will be documented including terms of reference. Stakeholders, and their roles, will be agreed, and submissions and outputs formalised.
Strategy Alignment – ensure strategic alignment of information security in support of business objectives
Risk Management – manage and mitigate risks and reduce potential
Resource Management – ensure the efficient utilisation of information security knowledge and infrastructure
Performance Management – measure, monitor and report on information security processes to ensure business objectives are achieved
Value – ensure strategic goals for security are achieved and an acceptable risk posture is attained at the lowest rate
The delivery of the service will include ensuring submissions are received on time, compiled into the appropriate packs and distributed to all attendees, with minutes and actions recorded, published and tracked.