Information security

Where organisations are subject to regulations such as the European Union General Data Protection Regulation (EU GDPR), compliance with information security laws and best practices is a prerequisite to doing business.

Cyber risk now encompasses more than our traditional view of computers, and today includes smartphones, tablets, and the Internet of Things, including cars and household devices, widening the scope for attackers into uncharted territory for most organisations.

Reliable and secure IT services and information management systems are vital to most organisations. Business critical challenges in this area include:

  • System preparedness and response capabilities that enable business continuity
  • Responsibility for establishing solutions that prevent and mitigate system threats and vulnerabilities
  • Increased customer expectations
  • Economic impacts that require increased efficiencies on limited budgets
  • Increased globalisation of supplies with a growing complexity of suppliers
  • Ensuring adequate controls to address confidentiality, integrity and availability of information
  • Threats from fraud, sabotage and viruses

The impact of an information security breach can be extremely costly and have far-reaching consequences on an organisation’s brand reputation. Cyber security measures are no longer an optional extra; they are essential to a business running smoothly.

LRQA can equip your organisation with the right risk management approach and information security frameworks to cater to infrastructure, data, and company applications in the face of new and changing threats arising from the use of services in the cloud and mobile computing platforms.

LRQA is your trusted partner for protecting your organisation against cyber threats

ISO 27001

The international information security management system (ISMS) standard ISO 27001 (Information technology – Security techniques – Information security management systems – Requirements) provides organisations with a best practice framework to identify, analyse and then implement controls to manage information security risks and safeguard the integrity of business-critical data.

ISO/IEC 20000-1

ISO/IEC 20000-1:2011 (Information technology – Service management – Part 1: Service management system requirements) is a service management system (SMS) standard which specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery and improvement of services to fulfil agreed service requirements.

EU General Data Protection Regulation (GDPR)

The EU General Data Protection Regulation (GDPR) is a new regulation that becomes applicable in May 2018. The regulation strengthens data privacy for individuals, introduces stricter laws governing how businesses use personal data, and imposes harsher fines on organisations that incur breaches. Non-EU organisations that do business in the EU with EU data subjects’ personal data should prepare to comply with the Regulation. Organisations providing products or services to EU customers or processing their data may face legal consequences if an incident is reported.

Our Expertise

LRQA has been at the forefront of standards development and involved in information security management system (ISMS) assessment and certification for many years. Our roster of high-profile clients in the finance, telecommunications, software, internet, consultancy, justice and government sectors trust LRQA to deliver high-quality, consistent and impartial assessments with the full back-up of a highly dedicated support package. Our assessors are management systems experts qualified in information security and other aspects of IT, whose objective view will give you confidence in your own security measures as judged against best industry practice.