Bespoke security assessment

 

Information Security team

Improving information security in a complex and devolved environment is something that often can’t be achieved alone. The Information Security Team (IST) can support your division, department, faculty or college to review your information and IT security risks.

 

 

What we offer

InfoSec offers a bespoke security assessment service to provide assurance that your data and systems are appropriately protected from malicious attacks and accidental breaches.

Whether you’re concerned about the security of an entire college, department or faculty, the security impact of an ongoing project, or just need an independent set of eyes to ensure that changes haven’t had a detrimental impact on security, we will tailor our assessment to meet your requirements.

Bespoke assessments include on-site interviews with personnel and verification of security controls. The results are presented in a comprehensive report detailing risks and prioritised recommendations.

Benefits for you

  • Bespoke assessments tailored to your specific business requirements and drivers
  • Direct access to information security experts who understand the University context
  • Assurance that your department, team or project is working in accordance with information security best practices
  • Identifies vulnerabilities that could lead to information security incidents
  • Prioritised, actionable recommendations so you can plan for and implement tangible security improvements
  • Standardised tests based on industry-recognised best practices
  • Extremely cost-effective service compared with external consultancy services

How it works

The service is available to all parts of the collegiate University. Typically, assessments include:

  • Initial engagement and scoping
  • Comprehensive documentation review
  • On-site interviews with key stakeholders and personnel
  • On-site testing and verification of technical security controls
  • Comprehensive report detailing risks and prioritised recommendations
  • Executive summary for management of findings and recommendations

What you need to do

If you are interested in this service, or want more information, please contact us with a high-level description of your requirements and business drivers at grc@infosec.ox.ac.uk.