PREPARE FOR, AND COMPLY WITH
THE VPDSS STANDARD.
The Victorian Protective Data Security Framework requires a number of ongoing, operational activities to ensure adequate protection of information.
Loop can assist with validating progress against the targets and compliance goals that were advised when the mandatory compliance reporting submissions were provided to OVIC prior to August 31, 2018.
We have extensive experience helping Victorian Government Organisations plan out and deliver progress against VPDSS compliance, through a range of consulting services focused on implementing the following foundational elements of your VPDSS Compliance Program:
Standard 1 – Security Management Framework
Standard 2 – Security Risk Management
Standard 3 – Security Policy and Procedures
MANAGED SECURITY SERVICES
In addition to Consulting assistance, Loop has a number of Managed Security Services which address components of the standard, some of which are outlined below:
STANDARD 4 - INFORMATION ACCESS
IAM-080 Organisations actively manage privileged access accounts and ensure separation from normal access accounts.
HOW LOOP ASSISTS:
Our Managed Detection & Response (MDR) Service helps detect changes to normal and privileged accounts, aiding in automating and auditing this management.
STANDARD 7 - SECURITY INCIDENT MANAGEMENT
Security Incident Management requires, among outcomes:
SIM-040 Security incident management policies and procedures, which
SIM-070 Organisations monitor and review security incidents and investigations to validate and update security incident management procedures and activities.
HOW LOOP ASSISTS:
STANDARD 17 – INFORMATION COMMUNICATIONS TECHNOLOGY (ICT) LIFECYCLE
ICT-040 Organisations have an ICT system accreditation framework for systems transmitting, processing or storing security classified information. [Loop's Vulnerability Management Service (VMS) and Penetration Testing services are useful precursors to accrediting platforms]
ICT-050 Organisations manage vulnerabilities to their ICT systems throughout the ICT system lifecycle. [Loop VMS delivers this outcome]
ICT-100 Organisations have hardened standard operating environments (SOEs) for workstations and servers commensurate with security risk. [Loop VMS automates auditing that these SOEs remain in place and effective]
ICT-120 Organisations have system logging and monitoring to record events. [A key outcome of Loop MDR]
ICT-170 Organisations have malware prevention and detection software installed on all ICT systems. [A key outcome of Loop's Endpoint Protection Service]
STANDARD 6 – SECURITY TRAINING AND AWARENESS
STA-010 Organisation’s training policies and procedures include security training and awareness.
STA-020 Security training and awareness is delivered to all persons, upon engagement and regular intervals thereafter.
HOW LOOP ASSISTS:
We can develop a customised Security Training and Awareness policy and procedure that is compliant with Standard 6.
We also have training and phishing platforms to help deliver the training in line with Standard 6 requirements, for both employees and developers.
If you would like to discuss any of this further please reach out and we can arrange a time to talk.
PRESENTERS: PATRICK BUTLER, CEO & SARAH MORRISON, GRC MANAGING CONSULTANT
LEARN HOW TO:
- How to gain ISO27001 certification, invest strategically and maximise the business benefits
- The common pitfalls when gaining compliance and how to avoid them
- How we are helping other clients reach certification with ease
OTHER GOVERNANCE, RISK & COMPLIANCE SERVICES -
TAILORED SERVICES TO STRENGTHEN YOUR SECURITY POSTURE
SECURITY AWARENESS TRAINING PROGRAM
Loop Secure can help by building your Security Awareness Strategy and educating your staff to ensure that your people are fully briefed on your IT security strategies, frameworks and policies.
Loop Secure has developed an innovative approach to deliver continual compliance against PCI DSS. We make it easy by ensuring all of your compliance is handled and that you’re providing the maximum security when processing your customer payments or handling customer data.
CYBER RISK MANAGEMENT
By developing and implementing a Cyber Risk Management program, Loop Secure ensures your organisation is delivering the right level of security.
LOOP GUIDE - ISO27001 CONTINUAL COMPLIANCE
Download our free guide to ISO27001 Continual Compliance to help you answer your most important questions about the service.
Accelerate Business Growth with customer confidence and Trust.
Delivering you accredited Qualified Security Assessors to continually manage, monitor and track your PCI compliance. Speak to our consultants to ensure you remain compliant.
CYBER-ATTACKS CAN HAPPEN ANYTIME. BE READY TO RESPOND.
Australian-based 24x7 security operations centre. We help to defend against advanced threats and protect your business with our Security Operations Centre (SOC) and DFIR team.