Ideal for

  • Companies which have significant usage of information technology, but have yet to align Information Security with Data Protection
  • Companies interested to discover any risks or vulnerabilities in their existing IT infrastructure
  • Companies with minimal IT involvement but process or store lots of documents with personal information

What it covers

  • Documentation of information assets especially those containing personal data
  • Privacy Impact Assessment on IT project
  • Information security risks assessment based on ISO 27001/2
  • Recommendations & Risk treatment to address threats and vulnerabilities
  • Customisation of Information Security Policy for both electronic & physical documents (following ISO 27001/27002 standards)
  • Customised Security notices for PDPA awareness within the organisation
  • Data Protection & Privacy recommendations based on Privacy by Design
  • Includes access to Straits Interactive’s Data Protection Management System (DPMS) to manage end to end information security, including audit and response management
  • Online eLearning covering information security for operational staff

Note: All our advisors or trainers are Certified Information Privacy Managers or Technologists