Managed Services

Data Management

Unified Communications

Software and Consulting

Oracle

Microsoft Applications

Microsoft Dynamics

Microsoft Infrastructure

PeopleSoft

IT Security

Training

IT Security - Compliance Governance – IS027001 & CLAS

With new threats, vulnerabilities and legislation being released on a daily basis, the security arena is constantly changing. At the same time spend on IT security is spiralling out of control and causing concern to senior managers, who is going to make the decision not to spend on such a sensitive set of requirements but how can leaders justify continually increasing the budget indiscriminately?

To ensure that compliance is fully maintained and that threats are mitigated going forward, security infrastructure and policy compliance must be reviewed on a regular basis. Failure to execute a clear security strategy that leads to a plan, policy, measures and operation processes and procedures, can lead to loss of highly-sensitive IPR, organisation disruption, poor delivery of front line service and high costs. Only when Information Assurance is executed successfully can information be protected, audited and available where-ever it is needed.

2e2’s Information Assurance Programme is designed to address an organisation’s many security needs. 2e2 are one of the largest providers of IT Seurity services in the UK and a Catalist Accredited supplier in this field. Our industry experts will actively assess an organisations security strategy, infrastructure, policy and operations ensuring legislation is met and threats mitigated.

2e2’s Information Assurance Programme offers many levels of service:

• Technical Security Measures Strategic Review - This provides a strict review of all the IT security measures in force for the organisation, focussing on all or specific areas. It assesses the fit of the measures in place to meeting the organisation’s security objectives and contrasts this to what is available in today in the industry.
• Operational Best Practice Strategic Review - This extends the Technical Security Measures Review by focussing on the operational processes used to enforce the measures. This is based on best-practice security standards such as ITIL, CERT, BSI, manufacturers and Government guidelines.
• ISO27001 Best Practice Strategic Review - This strict review serves as an ideal prelude to a detailed ISO27001 Gap Analysis carried out using our ISO27001 Gap Analysis Services Package. Using the 10 major groups of the ISO27001 standard, 2e2 review security measures, policies and practices in force in the target organisation. The very comprehensive coverage of the ISO27001 standard and it’s widespread acceptance as a best practice standard mean that it is ideal for use with non technical IT audiences, auditors, regulatory bodies etc. It helps discussion of the area of IT Security at director level and with boards responsible for corporate governance.
• Security Policy Design - This service assists an organisation in developing their security policy which should form the cornerstone of any security strategy. This document is the easily understood face of corporate Information Systems security measures that are in force.  Detailed measures and procedures will be held in supporting documents such as Acceptable Use Polices, Staff Handbooks and Security Deployment plans.
• Security Policy Framework - This service assists an organisation in developing a comprehensive security policy framework. 2e2 will create this in weeks rather than months based on best-practice from ISO27001 and ITIL. It covers an IT Security Policy (as above), IT Security Plan and IT Security Measures Reference. Importantly it included skills transfer so the customer can keep the policy framework up-to-date.