Compliance is a journey, not a destination and that journey doesn’t end when you attain certification.
Opt-Sec Compliance Systems will send you updates and keep you current with developments in your chosen Compliance Policy and provide a living system to help you stay compliant, through Audit after Audit, as your business grows and evolves.
Policies change! As thinking evolves, new best practices emerge, and technology advances, so the Policies which dictate standards will also change. The malicious minority, who aim to penetrate defences and breach security to gain access to sensitive information or deliberately disrupt its proper usage, do not stand still. They are constantly sharpening and honing their attacks and we all need to constantly upgrade and improve our defences.
This means that, although changes to Policies may present additional work on an ongoing basis, this work should be welcomed and embraced.
Opt-Sec keep a constant watch for any changes to Policies, Processes and Technologies that will effect a wide range of Compliance Standards.
As policies change, so the Opt-Sec Compliance Systems will be updated. Our aim is to ensure that our Systems constantly reflect the Policies that they help you to manage.
Purchasing an Opt-Sec Compliance System with the accompanying annual Support entitles you to all system Updates as well as major Upgrades. We will notify you of any new software as soon as it is released and make it available for download so that you can quickly and easily update your system. Wherever possible, we will seek to merge the updates into active system data. If the nature of the change is such that this is not possible, we will provide as much guidance as we can on how to integrate your existing information to take account of the changes.
We have already compared Compliance with learning to drive - is it about "passing the test" or is it about "being safe every day on the dangerous roads".
Obviously gaining Cetification is important and it is often critical to your organisation's ability to do business and grow. The idea behind the the creation of Policies, the formation of Standards Organisations, and the enforcement of those standards through Audits however is not to generate certifications but to encourage the adoption of new behaviours and a more security-aware approach to everything you do.
So we could also compare Compliance with personal fitness - if you go on a diet and visit a gym for a short time but go back to your old habits once you achieve your target weight, you will very quickly gain fat and get out of shape again. Repeating this futile pattern over and over again will actually damage your health in the long term and make you more vulnerable to illness.
We, at Opt-Sec, appreciate the need for organisations to ensure that their information is secure. We also know, from experience, that this needs every person in that organisation to make "lifestyle" changes to the way that they approach security.
Opt-Sec Compliance Systems have been designed and created with this ethos in mind. Our aim is that you learn about Information Security through using our systems to become Compliant, that you adopt new secure behaviours through implementing the actions suggested by our systems and that, having used our systems to gain compliance, you keep the constantly evolving security needs at the front of your mind as you go about your work, staying compliant, and staying secure, with our help.