As we return to work and some businesses are getting back to normal, it is tempting to focus on the future, driving the business forward, especially if positive things are happening such as projects coming back online or even new prospects...
Creating a formal Lessons Learnt agenda is worthwhile and we would like to influence the agenda; at the very least, this will help demonstrate the assurance your stakeholders are seeking, ultimately restoring confidence.
As auditors, we have seen countless business continuity plans, mainly IT bias and all having a seasonal flu pandemic; but rarely with any emphasis on a novel virus. Nevertheless, from our perspective, most businesses have performed well with their IT but the scope and scale of remote working has created a new narrative on 'information security' risk. In this context we should be thinking about information security risk differently; especially as the exit strategy from the 'EU project' materialises, impacting our interpretation of the UK's data protection act Vs. the EU's general data protection regulation.
At no cost or obligation, we are offering a briefing session on ISO's standard for Information Security-ISO 27001.
We can accommodate several target audiences from C level/functional leads to the wider staff.