Policy and Documentation
Principles are grouped into three disciplines:
Our methodology ensures that security documentation is linked to security risks faced by our clients, compliance requirements and is fit-for-purpose given the intended audience. As part of our development methodology, Detica tests security documentation produced to ensure:
Detica delivers security documentation in accordance with suggested documentation frameworks in Australian Government security publications such as ISM or can develop documentation in accordance with specific documentation frameworks used by our clients (e.g. ISO 27001).
We use a similar framework for the review of ICT security and related policy documentation. Our review of policy documentation links policy back to risk and compliance requirements and considers whether policy documentation is both understandable and measurable.
Strategy and planning
The Detica approach to security strategy development is closely aligned with traditional business strategy development and can be used in the consideration of any new security and/or ICT capability including:
Our approach ensures that executives are empowered to make strategic decisions in relation to security based on response to five key business questions:
The Detica methodology for strategy development is illustrated in the figure below:
Contact us at firstname.lastname@example.org or on 1300 027 001 for more information.
To find out more about the security strategy products and technical services we offer across the globe, visit the BAE Systems Detica website here.
Securing a Connected World
Design and development by Get Started