prosec2cert

ProSec2 

Affordable | Achievable | Relevant

informationsecurity-banner

 

 

 

 

 

The emphasis is on education for the business and the subsequent implementation of best practice policies. The goal is to ensure that both yours and your client's critical information is securely protected to the best of your ability. Whilst there are never any guarantees that a security breach will not take place, for peace of mind as well as legal and client confidence reasons you and they want to know that you did as much as is reasonably possible to prevent one.

 

By achieving ProSec2 accreditation you will have put in place a significant programme of user awareness and best practice policies that are designed to significantly reduce the risk of an information security breach.

 

 

THE ProSec2 FRAMEWORK

 

 

 

Accreditation Stage: 1

 

Objective: It is essential that the senior management structure of the firm understands, buys into and owns the Information security policies you implement.  

 

Requirement: ProSec2 requires the design and existence of an internal Security Council who own and sign off the firm's IS policies.

 

What we do: As part of the preparation stage our security consultant will assist you in setting up your security council

 

 

 

 

Accreditation Stage: 2

 

Objective: To identify all areas of the business where information security policy should apply.

 

Requirement: ProSec2 requires the business to identify and document all at risk areas and put in place appropriate policies.

 

What we do: We provide you with an Information Security Self - Assessment document to help you understand your current setup and any gaps or risks that may be evident.

 

 

 

 

 

Accreditation Stage: 3

 

Objective: To understand the gaps in current information security.

 

Requirement: To document gaps identified and create a remediation plan.

 

What we do: Our consultant will attend your site and assist with the review of the self assessment provided as part of stage 2.

 

 

 

 

Accreditation Stage: 3

 

Objective: To produce IS policy catalogue

 

Requirement: To implement active IS policies including at least the following 10 core ProSec2 policies:

 

What we do: We provide (free of charge) the following fully editable IS Policy Templates for your use if not already in place.

 

 

Disaster Recovery Policy

Server Security Policy

Acceptable Usage Policy

Password Construction Policy

Email Use Policy

Remote Access Policy

Incident Response Policy

Workstation Security Policy

Software Installation Policy

Equipment Disposal Policy

 

 

 

 

Accreditation Stage: 3

 

Objective: To ensure that Senior Management and staff are fully aware of the firm's information security obligations and policies.

 

Requirement: Communication plan in place

 

What we do: We provide a (free of charge) set of best practice documents and presentations to help you set up an internal communication programme.

 

 

 

 

GOVERNANCE

ASSET IDENTIFICATION

RISK ASSESSMENT

IS POLICY CATALOGUE

"Getting certified with ProSec2 was easy. We take our clients information seriously and now they know we do."

 

CEO

Financial Services Company

Want to become a licenced ProSec2 Auditor?

 

Contact us for details

USER AWARENESS

All ProSec2 packages come complete with 10 fully editable Information Security Policy Templates

EXAMPLE ACCEPTABLE USAGE POLICY TEMPLATE

word_icon

ALL PACKAGES INCLUDE USER AWARENESS PRESENTATION TEMPLATE

portcullis presentation

 

WHITE LABEL SERVICE

 

Become an APA (Accrediated ProSec2 Advisor) and offer the ProSec2 service to your own clients

Become an APA

ProSec2

 

affordable information security accreditation

prosec2auditor prosec2cert prosec2cert

How it works