Become Right Fit for Risk (RFFR) & ISO 27001 accredited, address compliance risks, and secure your endpoint devices/users in Microsoft 365 with eStorm’s RFFR & ISO 27001 Risk & Compliance Assessment
Not-for-profit organisations providing employment skills, training and disability employment services must abide by the Department of Education, Skills & Employment’s (DESE) ISMS scheme. The scheme calls for providers to gain ISO 27001 & RFFR certification in order to secure future funding and tenders.
eStorm Australia assists organisations by providing targeted compliance and risk assessments, leveraging Microsoft 365 & Azure security tools, and tailoring a security road map that increases cyber security maturity and achieves compliance.
🔹 INCLUSIONS 🔹
🔸 FEATURES 🔸
✔ Microsoft End User Risk Assessment: an assessment of your current security processes in the Microsoft Office 365 suite to identify security controls that can and should be implemented to secure Office 365.
✔ Comprehensive Cyber Security Assessment: an initial detailed security assessment that:
- Identifies risks posing a genuine threat to your objectives
- Uncovers gaps where your security controls are inadequate
- Identifies the right suite of Microsoft and Azure tools to achieve accreditation
✔ Compliance strategy: an assessment that prioritises the implementation of the ISO 27001 & RFFR control methods and validates that proposed or implemented solutions address the gaps in your security practices.
✔ Microsoft 365 & Azure Security Solutions: adhering to Microsoft’s ‘Zero Trust’ security model by implementing Microsoft security solutions that facilitate ISO 27001 & RFFR certification.
✔ Statement of Applicability: assess the applicability of security controls outlined in the Australian Government’s Information Security Manual, implement the controls applicable to your organisation, and create your Statement of Applicability.
🔹 BENEFITS 🔹
NOTE: This project is estimated to take 6 months, but duration may vary depending on a number of different factors (e.g. your cyber security maturity, current Microsoft security measures, and existing progress or certification for ISO 27001).