Information Security, Risk Management
Governance and Audit.
OVERVIEW
INFORMATION SECURITY
RISK MANAGEMENT
GOVERNANCE
AUDIT
BRIEF
“Information is your organizations most valuable asset so why not protect it in the same you way you protect your physical assets?
Yew Tree Services can help you make the most of your information by making sure it is there when you need it and managed in line with international standards and legislation.”
www.yewtreeservices.co.uk
HOME
ABOUT US
STANDARDS
CONSULTATION
RESOURCES
CONTACT US

Overview

Yew Tree Services provides support and consultancy for the processes that businesses need to have in place to compete in today’s global markets.

  • Information Security

    With businesses increasingly reliant on information, and the systems and processes that provide it, in order to function; Information is now businesses single most important asset.  Information Security protects this asset from a wide range of threats in order to allow the organization to continue its business processes and develop new ideas.
  • Risk Management

    All business activities carry a degree of risk.  The simplest and possibly best definition of risk is :

    ”The possibility of loss, injury, disadvantage, or destruction”

    Apply this definition to the issues of business management and you have the starting point for successful risk management.
  • Audit

    An information security audit is an examination of the controls within an entity's Information management infrastructure.  It is the process of collecting and evaluating evidence of an organization's information systems, practices, and operations. By evaluating the results of the audit against the declared intentions of the businesses information management processes it can ensure whether the organization's information systems safeguard assets, maintains data integrity, and is operating effectively and efficiently to achieve the organization's goals or objectives.
  • Governance

    The discipline of information governance derives from corporate governance and deals primarily with the connection between business focus and information management within an organization. It highlights the importance of information management matters in contemporary organizations and states that information assets and their associated risks should be clearly defined and owned within the organization

We work to international standards, including:

  • ISO/IEC 27001

    ISO/IEC 27001 is a standard setting out the requirements for an information security management system (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties including an organisation’s customers. It is suitable for many different types of organisational use and is unusual in that it does not have to be adopted in it’s entirety to achieve compliance.

  • BS25999

    BS25999 describes the activities in and 'outcomes' of establishing a business continuity management process, and provides a series of recommendations for good practice.

  • Payment Card Industry Data Security Standard (PCI DSS).

    The PCI Data Security Standard is a common approach to safeguarding sensitive data initiated by Visa and MasterCard and now adopted by the major card brands. PCI DSS requirements apply to all merchants, and service providers that store, process, or transmit cardholder data.
Copyright © Yew Tree Services 2007 | Privacy Policy | Terms of Use | Contact Us