IRAP compliance for national service provider

We’ve been busy! Have a read of this new case study to see how DotSec guided the development of an IRAP-compliant information security management practice (including policies, procedures and infrastructure) for a multinational service-provider, on a tight schedule and fixed budget, and without interruption to the client’s national business-as-usual activities. We have provided plenty of information about the IRAP program in a previous post so we won’t re-hash it here.

Read More…

Information Security Registered Assessors

The Information Security Registered Assessors Program (IRAP) provides a framework that allows qualified and certified assessors to provide assessment services, particularly with reference to the Australian federal government’s Information Security Manual (ISM) and Protective Security Policy Framework (PSPF). The IRAP program is managed by the Australian Signals Directorate (ASD). An increasingly wide range of businesses are being required to become compliant with controls (either all, or more usually, a subset)

Read More…

We’re keen if you are! Another job ad!

So, we put an ad out in December last year, and we were lucky enough to appoint an excellent candidate. Now, three months later, we need another person! Would you would like to learn new things, meet meaningful challenges, and be supported by some seriously smart and very experienced infosec professionals? Then please have a read of our job ad which we’ve posted on Seek. We wrote the ad based

Read More…

What’s new in PCI DSS V3.2

Introduction – A new version of the PCI DSS With the April release of Payment Card Industry Data Security Standard (PCI DSS) version 3.2, organisations should now be reviewing their PCI compliance obligations. This article explains some of the key DSS changes that PCI DSS-compliant organisations should understand. To ease the pain of the review process, the Standards Security Council (SSC) provides a summary of the changes in their on-line document library. You can get to the library at the following URL: https://www.pcisecuritystandards.org/document_library You can find the latest “PCI DSS Summary of Changes” document in the “Supporting Documents” section of the library. Details regarding the changes There are 58 changes between v3.1 and v3.2 of the DSS. The vast majority of those (51 in total) are minor changes which provide

Read More…