|
SECTOR |
TYPE OF SERVICE |
PROJECT AREA |
|
Charity |
High level
consultancy |
Information Security Policy |
|
Creation and implementation
of a robust Information Security Policy to provide surety to
members, stakeholders and the public with regard to information
management and handling. |
|
Public
|
High level
consultancy |
ISO27001
certification project |
|
Prepared this
public sector housing group for ISO27001 c. November 2007. Full
range of professional services being utilised – Gap Analysis,
Risk Assessment, training delivery, policy and procedure
preparation etc. |
|
Private
|
High level
consultancy |
ISO27001
certification project |
|
Prepared this
private sector secure radios manufacturing for ISO27001 c. March
2007. Full range of professional services being utilised – Gap
Analysis, Risk Assessment, training delivery, policy and
procedure preparation etc. |
|
Private |
High level
consultancy |
ISMS
implementation project |
|
Preparation of
all necessary ISO27001 certification documentation from Gap
Analysis, through Risk Assessment to policy and procedure
development for this screening services company, offering key
services to government agencies. |
|
Public
|
High level
consultancy |
Information
Governance |
|
Delivery of
appropriate management advice to a Borough Council for
Information Governance with a view to ensuring the
implements a robust programme to include delivery of policies,
procedures, guidance and awareness training, with a view to
enhancing compliance across multiple regimes / disciplines, through the
utilisation of an appropriate Information Management Strategy
and Information Security Management System. |
|
Private
|
High level
consultancy |
ISO27001
certification project |
|
Prepared this
private sector managed services provider for ISO27001 c.
December 2006. Full range of professional services being
utilised – Gap Analysis, Risk Assessment, training delivery,
policy and procedure preparation etc. |
|
Private
|
High level
consultancy |
BS7799
certification project |
|
Preparing this
private sector managed services provider delivers
high-performance mail security solutions. As part of their
determination to be market leaders in service provision, bst are
seeking BS7799 certification in order to support customer
requirements for improved transparency of their security
arrangements. |
|
Public sector |
High level
consultancy: interim management |
DP/FOI compliance
programme |
|
Delivery of
appropriate management advice for DP/FOI compliance with a view
to ensuring this Regional Development Agency implements a robust
programme to include delivery of policies, procedures, guidance
and awareness training, with a view to ultimately enabling
Information Governance. Preparation for implementation of the
Directive on the Re-use of Public Sector Information (PSI).
Assistance with records management implementation. |
|
Public
|
High level
consultancy |
Freedom of
Information Implementation |
|
Data Protection
Audit for central government agency, based on Risk Matrix
approach followed by development of appropriate supporting
policies, procedures and guidance documents. Delivery of DPA
and FOI training to all employees during Summer 2004. |
|
Private
|
Corporate
consultancy/ facilitation |
Data Protection
compliance change programme |
|
Household name
brands owned by this large national organisation. Involved in
Data Protection Audit interviewing as well as policy, procedure
and guideline creation in order to ensure this organisation
complies with the requirements of the DPA. A risk based
approach was applied. Covered DMA, HRA, RIPA, ECA,
Telecommunications Regulations etc. |
|
Public
|
Consultancy /
facilitation |
BS7799 Gap
Analysis |
|
This health
sector client was seeking a BS7799 Gap Analysis in order to
assess their level of compliance with NHS requirements in this
area. They provide IT, Finance, HR & Facilities services to 8
NHS partners. It was important to establish the scope of the
review, to assess the understanding of security amongst the
employees and to work out an appropriate plan to achieve
compliance. Interviews with employees were required with a view
to collating responses and producing reports. This assignment
was about ensuring that all NHS, Caldicott and data handling
guidelines were borne in mind whilst reviewing the wider
implications of BS7799 compliance for HI as they provide
services to 7 NHS Healthcare Trust clients. Some focus on Data
Protection and FOI issues. |
|
Public
|
Management review |
Information
security & legislation compliance |
|
The review
objectives for this City Council were:
·
To
understand the current set up and problems and shortcomings.
·
To
consider what information management (IM) organisation structure
(reporting, responsibilities) should be set up to ensure that
the Council is able to comply and maintain its compliance. This
IM organisation structure recognises the impact of the current
delivery restructuring and that the resulting new delivery
structures will equally need to comply.
·
To
identify what actions are needed to manage Freedom of
Information (FOI) implementation. |
|
Public |
Management review
|
Information
security & legislation compliance |
|
|
The review
objectives for this large metropolitan City Council were
to:
·
To
understand the current set up and problems and shortcomings.
·
To
consider what information management (IM) organisation structure
(reporting, responsibilities) should be set up to ensure that
the Council is able to comply and maintain its compliance. This
IM organisation structure recognises the impact of the current
delivery restructuring and that the resulting new delivery
structures will equally need to comply.
·
To
identify what actions are needed to set up the new IM
organisation structure.
·
To
summarise the key actions which the new IM organisation
structure must take to achieve compliance. This included for
example identifying at high level what procedures should be
embedded in new project inception and delivery to ensure
compliance. |
|
Socitm Learning |
Training /
facilitation
|
FOI / DP / BS7799
/ Information Security Overview training delivery |
|
Provision of one
day training on each subject area in order to assist Local
Government SOCITM members to have a better understanding of the
requirements of each area and their relationship. Information
security is essential for successful local e-Government.
|
|
Public
|
Consultancy /
facilitation |
BS7799 Gap
Analysis |
|
The Health
Informatics (HI) section of this NHS client was seeking a BS7799
Gap Analysis in order to assess their level of compliance with
NHS requirements in this area. It was important to establish
the scope of the review, to assess the understanding of security
amongst the employees and to work out an appropriate plan to
achieve compliance. Interviews with employees were required
with a view to collating responses and producing reports. This
assignment was about ensuring that all NHS, Caldicott and data
handling guidelines were borne in mind whilst reviewing the
wider implications of BS7799 compliance for HI as they provide
services to 7 NHS Healthcare Trust clients. Some focus on DP
issues. |
