Information Security

Information Security Consultancy

Programme Management, Project Management, IT Security, Computer Security, Information Security, ISO 17799, BS 7799, Gap Analysis, Risk Analysis, Information security Standards, Education, Training, Business Continuity Planning, BCP, Health check

Conduct consultancy services in the following information security areas:

• Programme & Project Management
• IT Security Policy Development
• IT Security Procedures
• Risk Analysis
• HMG Information security Standards
• Business Impact Analysis
• Computer Security Audit
• Education and Training
• Business Continuity Planning

Risk Analysis Survey the risk exposure in a client's IT systems in terms of system continuity, penetration, hacking and theft of information. Programme & Project Management Project management for information security implementation. IT Security Policy Development. Develop a corporate IT security policy which reflects the needs of the business and its exposure to risk. IT Security Procedures
Develop detailed security controls and procedures for IT environments to comply with the ISO/IEC 1 7799:2000 - Code of Practice for Information Security Management. ISO/IEC 1 7799 and Gap Analysis and Health check reviews of Security Operating Procedures.

HMG Information security Standards
Give the complex nature of risk assessment in Information Technology, it is a baseline requirement that those responsible for securing protectively marked information will comply with the Information security Standard, which has been specifically tailored to the current HMG security environment. CESG CLAS Scheme consultant will work with clients to determine the appropriate levels of assurance to ensure that protectively marked information is adequately protected and to prepare Assurance Document Sets. Business Impact Analysis
Build a catalogue of threats and vulnerabilities relating to their business and the potential impacts.

Computer Security Audit
Conducting audits of business computing systems to assess their compliance with the ISO/IEC 17799 - Information Security Management. Education and Training
Provision of Information Security training courses at locations throughout the UK.
Providing in-house training courses for groups of staff in the organization.
In particular, tailor-made security awareness training for management and staff. Business Continuity Planning
Plan for a recovery of a business operations following a disaster that might befall the client's business systems and resources. Estimates suggest that 75% of businesses never recover from a major disaster.

Disaster Recovery and Business Continuity

Threat and Causes of disaster Security IT and disaster recovery consultant have extensive experience of preparing disaster recovery and continuity plans for clients from such varied backgrounds as banking, insurance, airlines, oil and gas facilities and investment houses. The key requirement is obviously to identify the main types of natural and man-made disasters that might overwhelm any company in a particular country, location or a particular kind of business.

The business impact analysis. The most important aspect, however, is the business impact analysis to identify which sections of the business actually contribute the most profit and contribution to the corporation and whose loss would undoubtedly cause the closure of the business. The recovery process and plan Once the business impact analysis has identified the most critical sections, departments, facilities or dependencies within the business then the continuity or the recovery programme can identify how these processes, systems, facilities or buildings can be duplicated, copied, backed up or replaced in the event of disaster.

It is also vital to recover not only the administration, computer facilities, data, systems and offices but to ensure that the customers and the actual business generation team is also retained. Plans will therefore concentrate on client and marketing recovery and ensuring retention of existing undamaged business while also recovering lost facilities that support other areas of the business. Methodology, training and testing The plan will consist of clear objectives, timescales and methodologies for the continuity or recovery of critical departments and functions of the business. Customer retention, sales continuity, communications and IT systems will all have special sections in the plan. Assist dissemination, briefing, distribution, training and testing of the plan.

Security for Ships

Statement of Capability for Ships, Ports and Harbours Security

It must be provided with ship and port security plans for a wide variety of clients.The services provided are listed below:

• Quantitative threat assessment for ports and port facilities in line with ISPS code.
• Security design and project management.
• Port security master planning and systems design and specification.
• X-ray container screening and passenger screening systems.
• Bomb threat response planning & explosive protection for container X-ray systems.
• IT security consultancy, disaster recovery and computerised risk analysis.
• Security cost reduction, consultancy and manpower reviews for port and port facility security.
• All forms of security training, project security and seminars for port and port facility security.

Security for Ships, Ports and Harbours: Benefits

Provide maritime services with the following major benefits:

• New and innovative cost saving risk analysis, design and specification techniques developed by the Consortium.
• Consultant with high skill levels and knowledge of the ISPS code and container screening and supply chain security needs but at lower overhead costs than other major consultancies due to the Consortium structure.
• Interpretation of the ISPS code to achieve compliance.
• Latest technological design and specification of multiple inshore security detection systems and long range alarm perimeter systems.
• An ability to provide both independent consultancy and systems evaluation as well as turnkey management of the installation of security systems necessary to comply with the code.

Aviation Security

Aviation Security

A security survey for the Aviation Security will include all aspects of perimeter, access control, CCTV, baggage screening, catering and cargo security as well as passenger screening and profiling.

The survey and report will consider the following elements of airport operations:

• Quantitative threat assessment for airports and airlines.
• Security design audit and project management for new and existing airport facilities.
• Aviation security master planning and systems design and specification.
• Baggage X-ray and checking systems.
• Airport security audits to ICAO standards and planning and systems to budget for and achieve full compliance.
• Bomb threat response planning & explosive protection for baggage X-ray systems.
• IT security consultancy, disaster recovery and computerised risk analysis.
• Security cost reduction consultancy and manpower reviews for aviation security.
• Necessary security training.

Anti -Terrorism

Anti-Terrorism

Much of Security work involves surveying, auditing and designing buildings, facilities, banks and corporate organizations headquarters against terrorism.

Anti-Terrorist Threat Assessment and Survey

An anti-terrorist survey is carried out in exactly the same way as a building survey but with much more emphasis placed on terrorist groups and their method of operation in the particular country in question. The threat assessment will identify threats to the business, the sector, location and staff and nationalities at risk and propose appropriate counter measures. An anti-terrorist survey will look at the threats and risks from car bombs placed outside or near to the premises, bag or briefcase bombs brought into the premises and attacks by terrorist groups using automatic weapons with the aim of killing or capturing members of staff in their workplace.

This service is particularly important in areas such as Saudi Arabia, Qatar, Thailand, Colombia, Brazil, the Philippines, Iraq and also the UK and western Europe and Turkey all of which have suffered severe terrorist bombing and attack campaigns over recent years. The survey will take particular account of methods of access control to properly identify staff and visitors before entering the facility and will use CCTV surveillance, video motion detection and may also use biometric access control cards or facial recognition and provision for staff vetting. It will also include a visitors’ access control procedure involving proper identification of visitors and procedures to escort and control them while on site.

Anti-Terrorism Planning

The plan will consider parking areas around buildings or facilities and the necessary distance or stand-off to reduce the level of damage caused by car bombs and to ensure they cannot be parked directly next to a building. The survey will also consider the searching of visitors and goods inwards to any facility using explosives sniffing detectors, metal detection arches and other specialised equipment to record number plates, under-car surveillance and the control of access to car park areas particularly those underneath buildings. Building strengthening and hardening against blast will also be considered as will designs and measures to reduce the damage and casualties caused by glass in explosions such as the use of film and blast absorption materials for buildings at high risk.

Anti-terrorism procedures including personnel and vehicle searches are also absolutely critical in high security information and training and procedures and the specification of equipment to achieve these objectives can also be supplied. Our anti-terrorist experience covers airfields, government offices, government regulators, oil and gas, buildings, banks, commercial organisations, ports, harbours, ships, communication centres, computer centres and nuclear facilities.

Building Security

Building Security

There must be an audit to be conducted in the buildings after a problem has occurred such as a burglary, terrorism, fire or vandalism to review all the security measures in place and to make recommendations for security improvements to prevent future occurrences. Security surveys and audits for new buildings or drawings of buildings prior to construction, to design and recommend security equipment, procedures, solutions, locks, doors, fences, glazing protection, access control, alarm systems and CCTV surveillance. These are to secure both the personnel and the assets of the company occupying the building including its information, assets, computer rooms, communications and IT facilities. A building security project always starts with a review of the threat and will then provide a full security report giving a strategy, policy and security plan and options together with budget prices for discussion and selection and approval by the person. Our suggestion is to produce a security plan and solution that will neutralise the threat at the most cost-effective price and in the most cost-effective way. We are conscious of clients' budgets and our objective is to provide the highest level of security at the lowest budget cost. About half of the work is carried out from drawings and so we very often work as part of the Design Team with the Architects and the Consulting Engineers.