Overview

Public and private firms are facing increasing pressure from various stakeholders (governing and regulatory bodies) to comply with information and financial control laws such as the Access to Information Act and the Privacy Act, Bill 198, BASEL II or the Sarbanes & Oxley Act (U.S.). For most organizations, compliancy is not a choice but a necessity!

Compliancy entails that organizations take all necessary measures to protect their information, implement controls as well as monitor how information is accessed and used. In practical terms, transformation will occur at the organizational level, resulting in changes/re-design of some or all processes and potentially changes to job roles and responsibilities, departmental boundaries, and organizational structure.

Consequently, compliancy requires discipline, tools, skills and the adoption of a framework that guides organizations in the some times complex task of securing their information assets.

Technology Partnerz has developed a Information Security Risk Management Framework that focuses on achieving legal and regulatory compliancy through the alignment of processes, procedures and policy to international best practices (relating to the use, treatment, broadcasting, distribution and technology of identified information assets). For more information on our risk managment services, call us at 1-888-879-8440

Our approach

Based on the international standards in information technology risks management, our approach and proprietary methodology focus on the human and organizational aspects of new processes and best practices. Through this unique and participative approach, our experienced consulting professionals act as facilitators and coaches to ensure successful and rapid adoption of new processes and best practices throughout the organization.

Our unique approach and supporting methodology:

• Are based on the simple premise that risk is ever evolving.
  
• Dynamically identifies changes in risks levels based on a number of variables such as:
  
  • Evolution of vulnerabilities,
    
  • Improvement in hackers tools and abilities,
    
  • Socio-economical and political contexts.
    
• Provides guidance on how to deal with emerging risks in real time.
  
• Leverages existing technology-based security measures (e.g. firewalls and antivirus protection)
  
• Enforces good governance by integrating Service Level Agreements (SLAs), policies and procedures and quality assurance standards like ISO/EIC 9001 et ISO/EIC 14001 into the organization's business processes.