Business Information Security Review™

Ensuring robustness of information systems and having adequate business continuity plans should be a goal of all Business & IT change but unfortunately it is more often forgotten than actively deployed.  Changescape’s BIS Method will help identify information security and business continuity needs and can run in parallel with any project management & systems development methods you currently use. 
The process commences with a Business Criticality Assessment where we determine to what extent the whole method is needed or just parts.
Next we analyse the Business Impact Assessment and add information relating to general business risks and specific information security risks and create a set of non-functional Business Control Requirements.
Stage 3 concerns itself with identification of technical risks and the impact of system unavailability due to technical failure.
The next stage of the Changescape BIS Method™ is to manage the specification and build of solutions that will address the business and technical control requirements and therefore remove key elements of business risk.
Stage 5 is concerned with a detailed approach to the testing the Business and Technical Controls.  This phase starts with the development of a comprehensive Test Strategy and associated Test Plan and covers System Acceptance Test, Operational Acceptance Test and User Acceptance Test.
Stage 6 pulls together all the above into a thorough implementation plan taking account of any required Dress Rehearsals prior to live operations.
Finally, the Changescape BIS Method™ concludes with a Post Implementation Review to validate the effectiveness of the Information Security Controls & Disaster Recovery Plans, to ensure learning from the process, to link with any necessary Service Level Agreements and to sign-off the change as complete, robust and fit for purpose.
To book a no-obligation initial meeting to discuss Business Information Security & Continuity, please contact us.