Compliance

A Ticket To Compliance

InfoAware has been developed to satisfy the compliance requirements for information security awareness training that are increasingly forming a part of national and international standards in Corporate and IT Governance.  For example:

 

Sarbanes Oxley

InfoAware was originally developed to provide a straightforward and cost effective way for some of Sphere International Group's multinational clients to comply with the information security awareness training requirements of the Sarbanes Oxley Act ("SOX").

 

ISO 17799 and 27001

Control 5.2.2 of ISO 27001 requires that management and staff across the organisation are aware of their role in supporting the information security regime.  Similarly four out of the ten listed success factors in the ISO 17799 standard highlight the necessity for training and awareness raising on security issues across the organisation.  InfoAware enables these requirements to be achieved efficiently and cost effectively, and provides a demonstrable audit trail of all information security training activities to prove compliance.

 

Queensland Government Information Security Standard (IS 18)

Principle 4 of Queensland government's IS 18 standard requires that government agencies "implement induction and ongoing training and security awareness programs, to ensure that employees are aware of and acknowledge their security responsibilities..."  Complying with this requirement can put a major burden on the training and IT department resources of agencies, particularly those with a large and distributed user community.  One of Queensland's largest agencies has adopted InfoAware as the ideal solution to complying with this requirement, and it is anticipated that more will follow suit.

 

 

 

 

.