Align

MyEmpire are experts in aligning organisations with a range of global
frameworks and standards.


ISO27001

A formal, documented, and practiced approach to information security can provide organisations with confidence that risks are being effectively managed. ISO27001 provides a globally-recognised risk-focussed approach to managing information security. Aside from the structure and resiliency benefits ISO27001 can provide, certification to the standard also provides market competitive advantages for organisations.

Whether you are seeking alignment or full certification to the ISO27001 standard, MyEmpire has extensive experience to assist in designing, implementing, and operationalising your Information Security Management System (ISMS).

MyEmpire’s services include:

  • Development of mandatory documentation including policies and procedures
  • Design and development of baseline security standards
  • Conduct Asset and Risk Assessments
  • Development of mandatory registers and supporting records
  • Internal audit
  • Support governance meetings
  • Support operational aspects of your ISMS
  • Supporting and guiding clients through certification audits.

Essential 8

The Australian Cyber Security Centre has developed the Essential 8 to provide guidance to organisations on how to protect themselves against various cyber threats. Government entities are required to align with the Essential 8, and for private organisations, it is increasingly being recognised as an effective framework to establish baseline cyber security controls.

MyEmpire works with organisations across the private and public sectors to implement people, process, and technology controls that support alignment with the 3 maturity levels across the 8 mitigation strategies:

  1. Application Control
  2. Patching Applications
  3. Configure Microsoft Office Macros
  4. Application Hardening
  5. Restrict Administrative Privileges
  6. Patch Operating Systems
  7. Multi-Factor Authentication
  8. Regular Backups

MyEmpire’s services extend from assessment of controls through to identifying, supplying, and supporting the implementation of technical solutions.

APRA CPS 234

APRA-regulated entities are responsible for taking measures to be resilient against information security incidents by maintaining an information security capability aligned with their information security vulnerabilities and threats. Responsibility for compliance with Prudential Standard CPS 234 rests with the boards of APRA-regulated entities.

MyEmpire supports APRA-regulated entities across audit, implementation, and ongoing operational support. MyEmpire can also support implementation of specific programs and controls to ensure an APRA-regulated entity meets specific requirements of the Standard.

 

Cyber Essentials

Cyber Essentials is a UK Government backed scheme that helps organisations protect against a range of the most common cyber-attacks. The scheme provides multiple levels of compliance, ranging from self-assessment through to certification through the IASME Consortium. Certification provides assurances to stakeholders that you have a program in place to manage cyber security risks.

MyEmpire works with organisations to implement people, process, and technology controls that support alignment with, and certification to, the Cyber Essentials scheme.

Critical Infrastructure (SOCI)

Changes to the Security of Critical Infrastructure Act 2018 (SOCI Act) established increased obligations for the security of critical infrastructure in Australia and expanded the definition of who is considered a critical infrastructure provider.

MyEmpire supports organisations falling under SOCI with a range of implementation services to support compliance, including:

  • Developing incident response plans
  • Conducting incident response exercises
  • Conducting vulnerability assessments and penetration tests
  • Implementing governance, risk and compliance programs.

NIST CSF

The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) provides a robust and comprehensive approach to information security management and operations. The CSF focuses on five key security domains to help an organisation establish an information security management system:

  • Identify – Develop an organisational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities
  • Protect – Develop and implement appropriate safeguards to ensure delivery of critical services
  • Detect – Develop and implement appropriate activities to identify the occurrence of a cybersecurity event
  • Respond – Develop and implement appropriate activities to take action regarding a detected cybersecurity incident
  • Recover – Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.

NIST CSF provides a globally-recognised risk-focussed approach to managing information security, through the recognition of current and target state maturity aligned to organisational risk appetite.

MyEmpire’s services include:

  • NIST CSF gap and maturity assessments
  • Alignment and uplift roadmap development
  • Creation of key framework documentation including policies and procedures
  • Support the implementation of remediation activities.
