 |
Information Security |
LRNGInformationSecurity
I n f o r m a t i o n S e c u r i t y & R e c o r d s M a n a g e m e n t
Protect your Information & your Assets.
Protect your Business.
Information Systems are key elements of Operational Processes. System unavailability, compromised integrity, confidentiality breaches, can have significant financial repercussions, can affect your ability to operate, and can severely damage your reputation.
LRNGInformationSecurity helps you Identify, Assess, and Process your Risks in a very structured way. Build the Inventory of your Information Systems, visualize your System Heat Map, and take appropriate action.
Want to know more?
Innovation by LRNGRiskConsulting
The “Business Services” Approach
Information System
The “Business Services” Approach
Derived from latest Resilience trends & practivces
Combining usual Information Security techniques and latest Operational Resilience practices, a very modern approach, which sets the focus on service delivery and value added to the Business.
The baseline for your Compliance
ISO 27001 (Information Security), ISO 22301 (Business Continuity), Data Privacy laws, GDPR (EU Data Protection regulation), … A solid foundation for all Compliance purposes.
A Security Strategy thats fits the needs!
Set your own Security Requirements, in a very structured way, and in connection with actual business needs.
An appropriate Business Continuity policy
An essential tool for accurate implementation of your Business Continuity strategy
Your Information System Inventory: an extensively powerful tool!
What the Inventory is:
- A comprehensive list of all your systems and their purposes (« Business Services »)
- A Business Impact Analysis in case of a System failure
- A clear definition of Security Requirements: integrity, confidentiality, availability
- A broad identification of all the System de pendencies (System elements: apps, software, hardware, licenses, certificates,…
- A mapping of held personal information
What is the Inventory made for:
- Assessing the Risks in a systematic & structured way
- Implementing appropriate Security & Business Continuity Strategies
- Designing accurate specifications for your IT Service Providers
- Prepare for a migration or an upgrade in your infrastructure
- Starting an ISO 27001 certification process
Want to start building your Information System Inventory?
Going one step further
Risk assessment
Putting the things right: the starting point should be the Risk Assessment itself (based on the Inventory and the Security Requirements), which should lead to the selection of appropriate technical solutions, and not the actual infrastructure which should undergo a Risk Analysis. Only the inventory-based, structured and systematic methodology will provide the best results and allow the implementation of an accurate Security Strategy.
Process Mapping
Taken from Quality Assurance methodology, Process Mapping is an essential analytical work. When executed ahead of the Inventory, it places the Information Systems in their operational context and allows to better identify System contribution to Business value generation and impact of a failure.
Ready to Start? Want to know more?
|
Records Management |
LRNGRecordsManagement
I n f o r m a t i o n S e c u r i t y & R e c o r d s M a n a g e m e n t
Risk-based Records Management
In a modern, pragmatic & business-oriented approach, Records Management is just another aspect of Risk Management.
What is the Risk, if I’m not able to provide the requested documents?
What is the impact, if a confidential piece of information is made public?
Risk-based Records Management let you design an appropriate strategy for your business.
Here are some Records Management concepts, that can be helpful to your business.
Metadata & Records Series
Or data on the data: structured metadata is the key element to retrieve needed information and make clear decisions: keep, process, share, dispose…
Process Mapping
Yes, it’s Quality too 😉
A valuable tool to understand how your information is supporting your business: where it is received, how it is processed, whom it is transferred to.
System Design
Whatever the format (hardcopy, digital or even vocal), the Records Management System has to be designed to match & support your business needs – while enforcing valuable Records Management rules.
Standard Operating Procedures
Standardize the way you are working, to make sure you are capturing the information you need, and guarantee Information Security.
Information Audits
Take the bottom-up approach: analyze actual information flows in your business, and make decisions based on feedback from the field.
Want to know how Records Management can enhance your business?
ISO 15489
All concepts exposed above, all Packs & Modules proposed below,
are based on the ISO 15489 International Standard.
Our Offer
Modules,
Packs,
& Mandates
Our offer is made of Modules, Packs & Mandates.
Individual Modules can be purchased independently from each other*, are executed once and agreed deliverables are provided (e.g. Internal Audit, deliverable: audit report). Modules are generally made of a questionnaire, a template, and a variable level of assistance / support.
Packs are a combination of Modules, proposed at a more attractive price. Pick an existing Pack, or build your own, combining the Modules you need.
A Mandate sets the focus on the Objective(s) you’d like to achieve (e.g. certification), and guidance / assistance / support is provided accordingly.
*Note: advanced Modules may require other Modules to be completed first.
All prices excl. VAT. Prices of our Packs & Modules depend on size & complexity of your business,
and more than anything else, on… your participation (and subsequently, the level of assistance / support you’ll need)!
Don’t hesitate to request a free quote, based on a quick assessment of your situation.
Interested in our Modules, Packs & Mandates? Want to know more?
Try our Starter Pack:
A perfect introduction to Strategic Risk Management,
and to our unique, pragmatic approach