CYBERSECURITY AUGMENTATION SERVICE

MX GOVERNANCE ENGINEERING™

To implement an effective security governance and to successfully meet regulatory compliance requirements, we assist our customers in instituting a cybersecurity policy framework as such will support them in managing the development and maintenance of cybersecurity policies, standards and guidelines which provide them a clear implementation expectation between policy implementers and reviewers.

The success of cybersecurity initiatives is very much reliant on the management commitment where the C-Suite is expected to ensure security initiatives are planned, implemented, operated, monitored, reviewed, audited and actioned upon at all levels of the organisation hierarchy. Though such expectations are easily understood, it is very challenging to maintain a high degree of information security governance, especially in areas where members of the organisation operate in a diverse environment.

This service performs a study on the current organization setup and recommends the setting of committees, the committee charter and the composition of the committee members. With the presence of information security leadership as well as the channels established to disseminate information security initiatives, the organization would be able to set information security expectations through the establishment of information security policies, standards and guidelines. Depending on the complexity of the organization setup, the geographical presence and the diversity of the operating environment especially the critical information infrastructure (CII) environment, the information security policy development effort may vary. Maximus has the experience to develop industry-specific information security policies, standards and guidelines, as well as for simple and complex environments.

Prior to dealing with organizational changes at this scale, Maximus will first need to gather information about the business activities of the operators and have a thorough understanding of the current methods of operations. Custodial and ownership roles and their reporting hierarchy will then be identified to determine the committees needed to be set up, together with the roles and responsibilities being defined. Maximus will then provide advice to the appointment of the committee members so that the information security management would be effective. 

Once committees have been set up, the Organization would be ready for information security policy development activities. A functional information security policy for a specific operating environment needs to take into consideration the entity setup, geographical presence, organization setup, business requirements and focus.

A gap based on specific industry practices will be conducted against the customer’s existing policies to determine the deficient areas. The gap analysis can optionally cover the review of the policy hierarchy as well as the ownership suitability of the existing information security policies.

Depending on the organization’s ability to enforce policy governance, they can be enforced through different levels including policies, standards and guidelines. With the agreement from the customer, Maximus will make a revision to the existing information security policies as well as develop new information security policies. Optionally, Maximus is also able to develop technical standards as a means for customers to enforce technical controls over their ICT environment. 

Want to learn more how we can assist your organization in establishing a robust security governance? We're here to help.

We use cookies
Cookie preferences
Below you may find information about the purposes for which we and our partners use cookies and process data. You can exercise your preferences for processing, and/or see details on our partners' websites.
Analytical cookies Disable all
Functional cookies
Other cookies
We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. Learn more about our cookie policy.
I understand Details
Cookies