Security & Assurance Advisory Services

In today’s dynamic technological era, Information security and data privacy is a priority of Governments and citizens.

The Information Security & Assurance unit of iGovTT provides advisory services that enable clients to fortify systems and improve the security posture of their Information Systems and IT networks.

Our extensive experience in Public Sector Information Security Management gives us superior knowledge of Government systems, culture and security needs.

Features of the Service
Information Security Policy Development
Information Security Requirements Planning
Business Continuity Planning (BCP)/Disaster Recovery Planning Advice
Risk Assessments
Security Reviews
Policy & Legislation Compliance Reviews

Improved Risk Management
Improved Information Security Awareness
Integration of security controls in business processes
Improved Detection Correction & Management of security incidents
Better response and remediation in the event of breaches
Improved public trust and confidence in services

Information Security Policy Development
Development of policies geared towards managing processes related to risk management and, security, end-user responsibilities and IT operations

Incident Management
Independent assessments, advice and assistance for incidents relating to information and related systems, and incidents which may be facilitated by ICT systems.

Information Security Requirements Planning
Many ICT projects require information security as a core component and critical success factor. Ensuring that information security and risk management is part of the entire systems development lifecycle is key to the success of project implementation.

Business Continuity Planning (BCP) / Disaster Recovery Planning Advice
Business continuity planning ensures that critical business systems and processes have structured and defined mechanisms to treat with unforeseen incidents and disasters. A comprehensive BCP allows organizations to minimize downtime and maintain a minimum level of service during these events.

Risk Assessments
Assessing risk is one of the key activities in support of organizational and project objectives. Ensuring that risks are identified, assessed and rated allows organizations to mitigate and manage threats to project success in a cohesive manner.

Process Auditing
Auditing processes enabled organizations to view their activities from a security and risk perspective. Whether it be the process by which we acquire and implement new systems, or the way organizations grant and revoke physical or logical access to users, consultants and vendors; stronger, more secure processes reduces the risks which exist in information management and secure service delivery.

Security Reviews
Security reviews mainly focus on the core areas of Governance & Policy, Access Management and IT Administration. These reviews allow the organization to identify control gaps and provide remediation advice to strengthen security controls and reduce risk.

Policy & Legislation Compliance Reviews
Trinidad & Tobago has several laws and policies by which all public entities must abide. Ensuring compliance with existing and upcoming legislation as well as government policy reduces the opportunity for legal liability and loss of reputation.

Recent Twitter