Security Governance of Information Systems

The vCISO is an outsourced Chief Information Security Officer who leads the strategy for protecting the business and its assets.  Available on a full-time, part-time or flexible basis, our vCISOs are able to draw up on the significant support and knowledge within BSSI.  Their deliver your information security programme and provide the necessary leadership within your business.

Our belief: By implementing a risk-based approach our vCISO will implement your information security strategy, protect your moost sensitive resources and control the costs associated with security.

Depending on your requirements our vCISO can perform the following:

  • Risk analysis
  • Drafting of policies and formalisation of procedures
  • Formalisation of the security action plan
  • Drafting of procedures and adaptation of processes
  • Compliance
  • Implementation of an awareness campaign
  • Coordination of audits
  • Monitoring Security projects

Norms and standards used:

# ISO27001 / ISO27002

# ISO27005

# ISO31000

Guide to good security practices (NCSC guidance)