Compliance & Regulatory Standards

The regulatory and compliance climate is becoming more demanding and complex. Sense of Security has extensive experience assessing organisational policies, procedures, and technical implementations against key local and international industry standards.

We have experience with the following management-level standards:

  • ISO/IEC 17799 Code of Practice for IS Management
  • ISO/IEC 27001 (formerly BS7799 Part 2)
  • ISO/IEC 27002 (formerly ISO/IEC 17799 / BS7799 Part 1)
  • Sarbanes-Oxley (SOX) Section 404: Management Assessment of Internal Controls
  • COBIT 4.0: Control Objectives of Information and Related Technology
  • PSM: Protective Security Manual
  • DSM: Defence Security Manual

We also have experience conducting technical security assessments, within a standards-based framework, against standards issued by:

  • National Institute for Standards & Technology (NIST)
  • SysAdmin, Audit, Network, Security (SANS)
  • Center for Internet Security (CIS)

To begin a conversation about the skills and expertise we can bring to your next project or ongoing management needs, contact our executives directly on the numbers listed on the contact details page.