Information Security Certification, Audit and Compliance Programs

There is no better way to prove to yourselves, your stakeholders and clients that your information and theirs, is being protected, than independent certification and audit of your organisation and operations.

Calamity's consultants have significant experience in helping Australian organisations achieve both compliance and certification to Information Security Management related standards and compliance systems. Some of our consultants are licenced to perform the certification audits themselves under the auspices of a certification body such as SAI-Global or BSI-Benchmark. We have performed gap-analysis projects and full-scale certifications. Our consultants have been directly responsible for building compliance systems from scratch, all the way to successful certification for that client.

In other words, while lots of companies can "consult", we know first-hand what will (and will not) get your organisation to full compliance, with a certificate to prove it.

Our certification and compliance experience includes:

• AS/NZS7799 and ISO27001 - Information Security Management
• Sarbanes-Oxley (SOX),
• HIPAA
• Privacy Act
• ACSI33
• ITIL

as well as numerous industry-specific standards and codes of practice. We can also assist you to develop an internal audit capability. Internal and third-party audit is an important element of assurance that you are meeting all your obligations and targets.

For smaller organisations, formal certification may not be required however the Standards can still be relied upon as a useful framework on which to base ongoing compliance activities. Obviously should you wish to become certified later, the process is much easier. You should also have a look at our Information Security Design and Implementation services.