Caorunn - Information security

Caorunn		Information security
www.caorunn.com

Our information security practice will assist your business in classifying the risk of information leakage and loss, costing the impact of those risks, and devising appropriate policies, procedures and guidelines for managing your information assets.

We will help you classify your data in terms of confidentiality, integrity and availability; and based on these classifications design appropriate physical, logical and procedural controls for your operations.

We can assist in implementing global information security standards within your organisation, including

ISO 27001:2005
ISF Standard of Good Practice 2007
PCI DSS

The outputs from this practice include

Operational procedures
Information security policies
Information security audits

As part of our information security practice, we have assisted management of a credit card processing bureau in the implementation of PCI DSS, have provided consultancy to a finance house in the implementation of ISO 27001:2005, and managed the rollout and implementation of AES-256 encryption of portable disks.