Risk & Compliance Services
Increasing Regulatory Landscape
Cyber Security is a key strategy for both the federal and state governments. As the total number of cyber security incidents detected increases exponentially, business culture and conduct becomes even more important as a standing item on the agenda for board meetings. Organisational duty of care extends beyond protection of proprietary data into management and protection of consumer privacy and further, to the compliance of service providers. Our consultants have been helping organisations achieve compliance and, more importantly, maintain compliance to a range of standards while keeping costs low.
We have seen it all
Privasec consultants have, for many years been providing practical guidance to organisations to help them meet and maintain compliance to a broad range of professional standards.
Over the last decade, our consultants have worked with small, medium and large organisations, including State Governments. Our expertise extends across financial services, retail, information technology, health, entertainment and not-for-profit.
Experience
Our consultants leverage years of experience to help you improve IT delivery, manage your outsourcing and reduce costs
Information Security Services for PMO
How do you stay on top of your IT projects to ensure
they don’t weaken the integrity of your infrastructure?
Security in PMP/SDLC
We assist organisations in building seamless security checks in project and development lifecycles.
PMO Augmentation
We integrate your PMO to stay on top of your projects and ensure they don’t break your security and/or compliance.
Requirement Definition and Security Advisory for Projects
We provide security expertise and governance on sensitive and large projects.
Risk and Compliance
The ever-present need to reduce costs and to remain competitive, as well as the increasing regulatory and contractual practices, drive the need for ICT governance and risk management practices.
Risk Management Frameworks (ISO31000, ISO27005)
We leverage ISO best practices to create a risk framework tailored to your organisation and risk appetite.
Risk Assessment & Mitigation
We assess the risk of a given technology, project or business area, to provide you with assurance and enable informed decision making
PCI DSS Services
Helping you through the entire PCI DSS journey and providing practical advice for efficient, cost-effective compliance.
ISO27001 ISMS
Assisting you in designing and implementing a practical and a certifiable information security management system that delivers real value.
ISM/PSPF Compliance
We help private and government organisations to comply with Attorney General’s PSPF and Australian Signals Directorate’s (ASD) ISM. We also work with each state’s adaptations of the ISM (IS18, ISMF, etc.)
APRA PPG 234 Compliance
Privasec helps financial services organisations to identify compliance gaps against PPG 234 and provides practical remediation guidance.
NIST SP800/500-x
Our assessments measure compliance against NIST standards and provide practical remediation guidance.
ITIL (ISO20000)
Helping you define and implement practical and certifiable ITIL practices within your IT environment, and providing assistance during certification audits.
Tender and Bid Security Input
Assisting you in building security requirements into your tenders (when you tender) and in your responses (when you bid).
STAR CSA Compliance
Assessing cloud services against the CSA’s Cloud Control Matrix (CCM) and STAR maturity model, to prepare you for the certification audits.
Privacy Assessments
Assessments to help you identify Personally Identifiable Information (PII) within your business, and the associated security and legal risks.
Outsourcing and Vendor Contract Compliance
Performing security assurance assessments of your service providers to measure compliance against your contracts and compliance/security requirements.
Integrated Management Systems (QMS, EMS, ISMS)
Combining your existing or developing management systems into one that drives value and reduces audit costs. We can also leverage your existing QMS or EMS to build and integrate a certifiable ISMS.
Contract Preparation and Review Services
Privasec works with you to ensure that your contracts protect your information, in line with your business requirements.
I-RAP Assessments
Assessing agencies and private organisations’ ability to handle government information in compliance with ASD’s requirements.
Government
NSW ICT Advanced Supplier (SCM0020)
QLD GICT Supplier (CCIQ Quassure)
VIC eServices Registered Supplier
We deliver services in the following languages
Contact
T(AU): 1800 996 001
T(NZ): +64 9 222 4725
T(SG): +65 6631 8375
T(MY): +603 2788 3709
L2, 64 Clarence Street
Sydney 2000
NSW, Australia
L6, 276 Flinders Street
Melbourne 3000
VIC, Australia
L6, 200 Adelaide Street
Brisbane 4000
QLD, Australia
L4, 17 Albert Street
Auckland CBD 1010
New Zealand
5 Shenton Way
UIC Building #10-01
Singapore 068808
Level 9, Suite 3, Wisma UOA II
6, Changkat Semantan, Damansara Heights
50490 Kuala Lumpur, Malaysia
