Governance, Risk & Compliance

Governance, Risk and Compliance (GRC) is a critical investment to ensure continuous growth, sustainability and value to your organisation.

We assess your organisation's resources and validate the adequacy of your capabilities to manage cyber risk, ensuring you are protected from both internal and external threats.

RightSec will assist in modelling current threats and understanding the risks to your business. We can help create or review your risk registers and ensure that sufficient assurance controls are in place.
Our team helps with the assessment, planning and implementation of information security strategies that comply with the applicable standards and regulations.

RightSec supports you in maintaining the integrity and privacy of sensitive and personal data within your organisation by helping you comply with:

  • Australian Privacy Principles (APP)
  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)

Standards and regulations RightSec helps you comply with:

  • ISO/IEC 27000 family of standards
  • National Institute of Standards and Technology Cyber Security Framework (NIST CSF)
  • NIST Special Publications (SP)
  • APRA CPS 234: CPS 234 is a mandatory information security regulation issued by the Australian Prudential Regulation Authority (APRA). RightSec will help your organisation complete assessments detailing the state of your security operations and capabilities as they relate to the APRA CPS 234 regulation.
  • SOC 2 Type I and Type II
  • ASD Essential Eight: a set of baseline mitigation strategies recommended for organisations by the Australian Government. Implementing these strategies as a minimum makes it harder for adversaries to compromise systems, and RightSec will help you do this (gap analysis and consultation only; RightSec is not an authorised IRAP assessor).