Benefits: IT Director, CIO or CTO

The CTO's perspective:

“Information security management is a constant challenge, trying to keep on top of the changing risks and threats to our organisation whilst ensuring the policies and processes keep pace with the changing landscape.”

What are you trying to achieve?

Ensure those in the business that need to adopt the new ISO 27001 processes and policies have done so and understand them. This is a whole-organisation endeavour; the whole organisation needs to buy into it from the top down.

Managing the ISMS and the Information and Tech organisation in line with business strategy is not an easy task, as I am always adopting and adapting new processes to ensure information security compliance. We are a mature business and I believe we are in good shape, so we need to validate and improve the IS processes we already have and adopt new ways of doing things where we find gaps. Doing this with efficiency is key – both in understanding the gaps and setting up the ISMS for the future management of it.

What are your pain points?

My focus is the protection of company and customer information assets and maintaining operational service levels across the entire organisation.

We have several software products developed across multiple geographies. One of the biggest challenges is a distributed workforce where staff are now fully mobile and there is a lack of control over devices and behaviours while working from home. In this changing environment, it is critical to continuously manage and understand the risks facing our organisation.

My focus is on achieving and keeping ISO 27001, which is a time-consuming process.

Threat and incident management is also a challenge, as this touches all organisational units in the business. Daily, I have concerns about where our data is going and what our staff and users are doing with our systems.

How could Hicomply benefit your business?

Hicomply can help me understand the gaps in my current IS processes and ensure we identify and address the risks we face as an organisation. I can also have visibility across the ISMS and will see reports on employee engagement with the process: that they have undertaken the ISO 27001 training and that they have read the policies pertaining to their job function. It’s no good having policies and processes if they are not living documents that are read and understood. The other main benefit will be the knowledge that we are working at this continuously and efficiently – and always improving.

How could Hicomply benefit your role?

Operational service levels and information security are my main responsibility; any tools that can help me maintain systems availability and protect information security are of benefit to me. ISO 27001 software is a core component in our information security toolkit.
