Doll Martin Associates provides an integrated set of Quality Assurance services in the area of cyber and information security, including developing security frameworks and procedures, delivering control methodologies, performing process audits and risk assessments, leading diagnostic review, providing health checks, and where required, assembling remediation plans.
Transition to NSW Cyber Security Policy
Doll Martin Associates Cyber Security Consulting & Quality Assurance services can help NSW government agencies fulfill their obligations under the new Cyber Security Policy approach incorporating the Essential 8 Maturity Model, which aims to achieve confidence in agency cyber and informational security capability through:
An independent review of the preparedness of an agency’s ICT cyber information security capabilities,
Identification of agency key controls in Essential 8 and ISMS/Cyber Security
Confirmation of corporate scope and assumptions
List key differences and gaps (Cyber/E8MM/ISMS vs DISP/ISMS)
Document general conclusions, ramifications (e.g. time, cost) and recommendations
Review analysis with and handover to client
An understanding of the preparedness of an agency’s security management systems
Cyber Security and Information Security Management System ISO/IEC 27001 certification including formal audits for ISO 27001 compliance
Annual NSW Government Cyber Security Policy compliance notification
NSW Government ICT Attestation compliance for their agency Annual Reports
We offer a series of systematic activities to work with the senior management. These activities are routinely augmented with reports and reviews on any of the above items.
Outcome
Doll Martin Associates provides a best practice driven, collaborative team designed to ensure a tight alignment between information and cyber security and the legislative, governance, policy and strategic obligations of an agency.
Our desired outcome when working with any agency is to deliver a transparent, open, realistic and pragmatic assessment of the agency’s true information security maturity and communicate a clear and achievable path forward, thereby directly increasing the opportunity to strengthen and improve.