ISO 27001 and Right Fit for Risk
Targeted support to achieve ISO 27001 certification for RFFR
With the Federal Government’s Right Fit for Risk (RFFR) initiative, providers of employment skills, training and disability employment services will be required to hold ISO 27001 certification to ensure government-owned data is safely held on provider systems.
No matter where you are on your RFFR journey, Vital Advisory can assist with achieving your certification goal and building enduring cyber security capabilities.
Vital Advisory work with you to achieve ISO 27001 on time, with real security benefits
Regardless of where you are in your ISO 27001 – Right Fit for Risk project, Vital Advisory can help you build a structured and comprehensive Information Security Management System which addresses your key risks:
- Identify and understand your full business and security context
- Identify the risks which pose a genuine threat to your objectives
- Select the right suite of procedural and technical controls for data protection
- Prepare your Statement of Applicability (SoA)
- Build lasting effectiveness of your ISMS with the correct monitoring and review processes
- Achieve ISO 27001 certification compliance
Our approach is not centred on box-ticking, but on achieving the benefits and opportunities which ISO 27001 can bring. Expert review of your security and governance practices is key to making these benefits real.
Vital Advisory work with you to bring your RFFR ISMS accreditation in on time, with real security benefits
Our experts have decades of experience in implementing ISO 27001 for organisations of all sizes.
We work with you to identify the right balance between risk and opportunity, as well as conformance and performance improvement.
Regardless of where you are with your RFFR project, we can provide tailored support to achieve your security and compliance objectives.
Our unique approach to documentation produces a management system which is easy to understand and maintain.
To learn more about how Vital Advisory can help with your RFFR ISMS project, please see our
Assistance Packages
Select from the following assistance packages. Fixed-pricing options are available for most packages. If you require assistance based around your organisational role, see our Function Packages further down the page.
Experienced. Trusted. Pragmatic.
Contact us to discuss how we can help your team achieve their role in your RFFR ISMS implementation.
Organisational Function Packages
If you need information security assistance for your organisational division, select from the following function packages. Fixed-pricing options are available for most packages.
It’s not about the documents produced.
It is about the journey we both take to make every effort count.
Whole of Enterprise Approach
Security is only effective when it embraces the totality of an organisation’s activities.
We don’t focus on technology-based solutions – we develop organisational capabilities to address genuine security challenges.
Vital Advisory work in partnership with your business to build a complete understanding of your security requirements, capabilities and the change needed to accomplish your security goals.
Our methodology for a typical engagement takes clients through four stages:
1. Understand the Business
First, we build a detailed understanding of your business: strategic goals; business unit functions; information assets under management; key systems and services; stakeholders; compliance obligations; and more.
2. Understand the Risks
With a clear analysis of your business in place, we leverage this to identify information security risks you face, who has responsibility, and what impacts may befall your business goals. This creates a prioritised understanding of risk and where security capability improvements can protect your interests.
3. Build Your Security Strategy
We develop the Information Security Management System to uplift your security processes. Through use of our unique “One Page” documentation approach we ensure security methods and requirements are easily understood and adopted by business teams to become an active part of your BAU.
4. Put Security Practice into Operation
Ongoing security improvement underpins successful business. We put in place the elements to make security a core component of business operations, which strengthen over time. These include all the lifecycle elements of an effective Information Security Management System.
By applying these four strategies, we ensure that the totality of your information security requirements is identified, addressed, and managed efficiently. Security aligns with your core business goals and becomes a tool to win new business, rather than remaining a cost and complexity burden.
Talk with a security adviser to find out how to reach your security objectives: call us on +61 420 978 258.
CONTACT
If you’d like to discuss how Vital Advisory can assist you with achieving your Technology Risk Management goals, please contact us on +61 420 978 258.