South African Centre for Information Security is able to assist organisations in all aspects of developing, implementing or managing an Information Security Management System (ISMS).

This can include creating policies and standards, achieving BS7799/ISO 27001 compliance or recruiting members of a security management team. We can also support your organisation through full or partial outsourcing of your ISMS [Information Security Management System].

SACfIS has extensive, practical experience with its partners of developing and operating information security management systems for a wide range of private and public sector organisations. Some of the key activities we're able to address include:

• Reviews of existing policies and procedures against industry best practice
• Risk assessment procedures
• Definition of security policies and standards
• Building a security culture within an organisation through education and awareness training
• Monitoring internal compliance to security policies
• Maintaining corporate compliance to regulatory or legislative requirements
• Recruitment, training and mentoring of ISMS staff
• Remote security monitoring and management
• Full or partial outsourcing of an ISMS
• Developing information security policies, procedures and guidelines
• Risk profiling your organisation
• Identifying your Critical Assets
• Selecting the Appropriate Controls
• Performing a GAP Analysis / Performance Assessment
• Implementation and Monitoring of your Information Security Management System