Get expert cyber guidance when attaining ISO 27001:2022 certification
From one of the first organisations in Australia to achieve it
100% of our clients have successfully achieved certification. Let us help you sail through the process with several members of our team being qualified ISO 27001 auditors. We are very familiar with the process, pitfalls and how to successfully acquire the certification.
The MyEmpire Group difference
"We’re big enough to support all manner of businesses, from ma and pa’s to enterprise, but small enough to still obsess over detail."
We don’t obsess over detail to the point of paralysis, but we do take great pride in delivering exceptional work. And it’s not just because we get a thrill receiving elated client feedback, although that’s something we all share in common. Primarily it’s because we genuinely care about building cyber security systems that protect businesses. That means really learning your business and your people so we can develop a cyber security strategy suited to you, not a close-enough template pulled from a file. That’s what makes us different; we only feel satisfied when we know a job’s been done right.
Our People
Our cyber security specialists are a mixture of seasoned veterans, many with 30+ years’ experience in IT, management and security. We also have young faces on the team, our rising stars–those whose talents we recognised early and chose to invest in.
Beyond being experts in their fields, our people share a few things in common, a result of how we hire. Prior to any skills being tested in an interview, we look for personable people. Authentic, honest people who are passionate about their field and good communicators. In other words, we look for people who light up when they talk about their line of work. People whose passion is contagious. Only candidates who meet this criteria are taken through the typical interview steps where we probe skills and work history.
Leadership Team
Alex Woerndle
HEAD OF OPERATIONS
(CO-FOUNDER & DIRECTOR)
Alex is an experienced director, IT consultant and infosec professional. He provides security management and leadership to a range of organisations from start-ups through to governments and ASX50 listed enterprises. He has also served over 10 years in voluntary roles as a Non-Executive Director of the Australian Information Security Association,.au Domain Administration Ltd and the Australian Conservation Foundation’s Finance, Audit and Risk Committee.
Carl Woerndle
HEAD OF SALES AND MARKETING
(CO-FOUNDER & DIRECTOR)
Carl has more than three decades’ experience in IT, security and business leadership. Prior to MyEmpire Group, he and Alex built DistributeIT which held approx. 10% market share of .com.au domains. As well as a business owner and manager, Carl has worked as a Cyber Security Advisor consultant for Deloitte. He is a regular keynote speaker on cyber security.
Chris Self
HEAD OF SERVICE DELIVERY
Chris is a highly experienced information security principal. He has worked as a senior cyber security consultant for KPMG, CQR Consulting (now part of CyberCX) and Deloitte. Prior to starting with MyEmpire Group, he was the Information Security Manager at Adelaide Airport where he led a full rebuild of the airport’s cyber security processes and infrastructure. Chris holds a master’s in information systems security and a number of information security certifications, including CISSP and CRISC.
Why ISO 27001?
Improve your organisation's risk posture
ISO 27001 is a set of best practices for information security management. It provides organisations with a framework for identifying, assessing, and mitigating risks to their information assets. By implementing the controls recommended by ISO 27001, your organisation can reduce the likelihood of a security incident taking place and minimise the impact if an incident does take place.
Our steps to help your organisation with ISO 27001 certification
1. Get to know your business
We take time to really get to know your organisation—your people, processes, goals etc. We understand your systems and documentation, interview leaders in your company, run workshops to understand how the whole ecosystem links together.
2. Discovery
Once we have a thorough understanding of your organisation, our consultants will capture specific details of how cyber security is managed throughout your business. This is where we look at what your organisation has in place today in terms of cyber security compared to the requirements of the ISO 27001 standard. With this information, a tailored roadmap of implementation is formed.
3. Identifying the things that matter
Next our consultants will start to get very familiar with your risk management system. We address questions like what information assets does your organisation have? What are the threats to these assets? What are the vulnerabilities of these assets? What is the likelihood of each threat occurring? etc. This helps us develop a risk management plan tailored to your organisation’s specific needs.
4. Governance and documentation
Next, we set up an ISO 27001 governance framework that steers everything else in your cyber security practices. We’ll then work through all the documentation required for ISO 27001 certification. We tackle each topic to ensure we are not only ticking the compliance boxes for ISO 27001 but also building something that can be used to further protect your business in a worst-case scenario.
5. Training and transferring knowledge
We help with training your team and transferring knowledge to ensure everyone in your company is being brought along for the journey. We also help upskill the key operators of your management system to ensure they are confident maintaining the ongoing ISO 27001 policies.
6. Ongoing audits and cyber maintenance
Once certification is achieved, we can support your organisation with ongoing maintenance of your information security management system. This includes helping with evidence collection and policy updates, and conducting internal audits which are required to support ongoing maintenance of the ISO 27001 certification. It means you can get on with other things and be confident your organisation is cyber protected.