With data becoming the lifeblood of modern-day businesses, securing this information should be at the top of any organisation’s to-do list.

Standards are designed to bring order to that security; you’ll inevitably be handling not just your own information, but that of customers and third parties, so it’s vital that you’re able to demonstrate an appropriate level of data protection, to show that you can be trusted with such sensitive material.

There’s no one standard with which every organisation must comply; rather, the specific standard you seek to meet will be determined by things like the reason for seeking compliance, the data you wish to protect, the owners of that data, and many other variables of your situation.

What does compliance look like?

That depends on the standard you’re guided by. Common information security standards include:

ISO 27001

Laying down the basic requirements of a robust information security management system (ISMS), the International Organisation for Standardisation (ISO) provides perhaps the most widely used information security standard in the world.

NZISM

This is the New Zealand Government’s handbook on how to build and maintain safe, secure and functional information systems for all governmental departments and organisations.

CIS

The non-profit Center for Internet Security has a prioritised list of 20 basic, foundational and organisational controls designed to protect organisations and their data from known cyberattack vectors.

HISO

Working with some of the public’s most sensitive and personal information, health and medical organisations are quite understandably held to a high standard when it comes to data security, which is laid out by New Zealand’s Health Information Standards Organisation (HISO).

HIPAA

This health-focused standard, by US-based HIPAA Journal, is designed to secure electronic protected health information (ePHI) and personally identifiable information (PII).

There are a number of reasons why you might be seeking to comply with an information security standard, such as:

  • To respond to a request for proposal (RFP)
  • To prepare for a merger or acquisition
  • As part of your due diligence when launching into a new market
  • To ensure ongoing compliance with ever-evolving legislation
  • Simply as a proactive measure to secure your organisation’s data

But no matter your motivation, and no matter the standard with which you’re looking to comply – whether the five mentioned above or another – at Stratigence we can assist your organisation in ensuring that the information that needs to be secure is secure.

With Stratigence, you get:

  • An information security plan that will move you towards compliance using an information security framework. The plan will be tailored to the speed at which your organisation would like to achieve compliance, and the resources you have available.
  • A deeper understanding of how your data is managed, to ensure your business can continue, even in the event of a disaster.
  • An understanding of how your business can continue to operate in the event of a security breach.
  • An actionable plan to reduce the chances of a security breach happening in the first place.

Standard compliance will only become more vital as the importance of information security is better understood. So get on the front foot with data protection.
