RFFR/ISO 27001 Risk & Compliance Assessment: 6-12 Months

Not-for-profit organisations providing employment skills, training and disability employment services must abide by the Department of Education, Skills & Employment’s (DESE) ISMS scheme. The scheme calls for providers to gain ISO 27001 & RFFR certification in order to secure future funding and tenders.

eStorm Australia assists organisations by providing targeted compliance and risk assessments, leveraging Microsoft 365 & Azure security tools, and tailoring a security road map that increases cyber security maturity and achieves compliance.

🔹 INCLUSIONS 🔹

1. An assessment of your existing security posture
2. Tailored mitigation strategies to boost your cyber security and information security posture
3. Implementation of Microsoft 365 & Azure security solutions essential for Governmental compliance
4. Compliance to the regulatory control methods outlined in ISO 27001 & RFFR as necessitated by the DESE ISMS scheme

🔸 FEATURES 🔸

✔ Microsoft End User Risk Assessment: an assessment of your current security processes in the Microsoft Office 365 suite to identify security controls that can and should be implemented to secure Office 365.

✔ Comprehensive Cyber Security Assessment: an initial detailed security assessment that - Identifies risks posing a genuine threat to your objectives - Uncovers gaps where your security controls are inadequate - Identifies the right suite of Microsoft and Azure tools to achieve accreditation

✔ Compliance strategy: an assessment that prioritises the implementation of the ISO 27001 & RFFR control methods and validates proposed or implemented solutions in order to verify they meet the gaps in your security practices.

✔ Microsoft 365 & Azure Security Solutions: Adhering to Microsoft’s ‘Zero Trust’ security model by leveraging and implementing Microsoft security solutions that facilitate the certification of ISO 27001 & RFFR.

✔ Statement of Applicability: Assess the applicability of security controls outlined in the Australian Government’s Information Security Manual, implement the controls applicable to your organisation, and create your Statement of Applicability

🔹 BENEFITS 🔹

• ISO 27001 certification
• RFFR & DESE ISMS scheme accreditation
• Visibility of your organisation’s cyber security posture and maturity
• Long-lasting cyber security & information security processes that are pertinent to your organisation
• Implementation and deployment of Microsoft technology following Microsoft’s recommended ‘Zero Trust’ security model

NOTE: This project is estimated to take 6 months, but duration may vary depending on a number of different factors (e.g. your cyber security maturity, current Microsoft security measures, and existing progress or certification for ISO 27001).