Taylor Baines' consultants provide specialist advice in a broad range of information assurance, governance, security and risk management subjects with many years of experience in providing quality, cost-effective and practical solutions.
Taylor Baines has developed a clear model to help organisations understand the differences and relationships between information security, governance and assurance as shown in the diagram below.
Information Security can be defined as the "preservation of confidentiality, integrity and availability of information" and focuses on the controls required to protect the information at the heart of an organisation.
In a climate where regulation around information security and regular "data leakage" stories in the media battles against budget constratints and reduction, it is crucial for organisations to ensure that any spend is targeted and business-focused to maximse return on investment.
Taylor Baines' consultants are highly experienced in helping organisations design and implement information security strategies that deliver effective results. We can help your organisation to assess:
- What you actually need - Risk environment, legislation, regulation, contractual;
- What you have in place currently - Physical, procedural, technical controls;
- What the priorities are - Risk, cost/benefit assessment; and
- How you get there - Effective strategy and roadmap.
Information Governance can be defined as the “management framework ensuring that information security controls align to the requirements of the organisation as determined by legal, regulatory, contractual and internal compliance requirements”.
Whilst information security deals with the controls that are in place information governance is concerned with how the controls are aligned with the business requirements and managed appropriately. This includes putting frameworks in place that allow the organisation to effectively manage its information.
Taylor Baines' consultants have successfully implemented, supported and managed information governance programmes and can assist your organisation to ensure that your strategy is the most effective and efficient in delivering the information governance you require.
Taylor Baines can assist your organisation by:
- Identifying and assessing governance requirements;
- Designing and implementing an information governance strategy and framework;
- Supporting the business-as-usual operation of the governance framework; and
- Maintaining and fine-tuning the governance framework to ensure it remains appropriate and effective.
Information Assurance can be defined as the “ability to provide demonstrable evidence that your governance and security are working effectively to manage the risks to the organisation”.
Where information security and governance are primarily inward-facing and concerned with managing the risks to an organisation's information, information assurance is about how an organisation proves to the outside world that it is managing information effectively.
Using a standards-based proven methodology Taylor Baines' consultants can assist your organisation to ensure that it can provide the necessary assurance to its customers, partners, suppliers, internal stakeholders, the public and other interested parties where appropriate.
Taylor Baines can assist your organisation with:
- Identifying the target audience(s);
- Identifying the assurance requirements;
- Enabling your organisation to meet the requirements; and
- Allowing your organisation to provide demonstrable assurance to interested parties.