Services
THOUGHT LEADERSHIP
Research Papers, Advisory Services: Helping navigate the increasingly data-driven world as innovative, thoughtful and trustworthy providers of products and services.
Policy and Law Reform: Providing expert and practical privacy and cyber security advice in the policy and legislative domain.
GOVERNANCE, STRATEGY, AND TRANSFORMATION FOR PRIVACY AND CYBER SECURITY
Governance, Strategy and Programs: Implementing strategies that fit risk profiles and appetites and enable trusted engagements with customers using privacy and cyber security governance frameworks.
Policies and Procedures: Developing clear and practical privacy and cyber security policies, procedures and communications, tailored to regulations, needs, and risks.
Capacity Building: Enhancing an organisation’s privacy and cyber security functions through knowledge and skill transfer in different settings and mediums.
Training and Acculturation: Providing training on a variety of privacy and cyber security topics, including tailored training provided in consultation with organisations and generally available training.
See our Training page for details of generally available sessions.
Privacy or Cyber Security Officer as a Service (POaaS or CSOaaS): Providing on-demand key management roles in a cost effective and efficient manner, giving immediate access to an experienced and credentialed (AISA, BCI, IAPP, ISACA) team.
PRIVACY, CYBER SECURITY AND ARTIFICIAL INTELLIGENCE (AI) RISK ASSESSMENTS
AND TRANSFORMATION
Privacy and Cyber Security Health Check: Assessment or audit of organisational practices, procedures, controls, and systems, and providing innovative and practical solutions to promote consumer, board, and regulator confidence.
Privacy Impact Assessments: Assessing the impact of new technologies, products, and operational processes on the management of personal information.
AI Impact Assessments: Assessing the impact of building and/or using AI, taking into account benefits, risks and key considerations such as privacy, security, safety, fairness, transparency and accountability. May be combined with a PIA where the project involves the collection or handling of personal information.
Vendor Management and Third-Party Risk Assessments: Assessing risks and/or compliance using standards (ISO 27001 or 27002, NIST CSF, APRA CPS 234, AICPA SOC2, and other government and industry-specific standards) to improve privacy and security posture.
PRIVACY AND SECURITY BY DESIGN
Privacy by Design (PbD): Engaging with operational staff, developers, designers, engineers and management to implement PbD elements from the start.
Security by Design (SbD): Advising on how to implement SbD, by embedding it within information technologies, business practices, and infrastructure from the start.
These services may be combined with a PIA.
IDENTITY MANAGEMENT
Providing world-class services in citizen centric identity management and ensuring trust in e-government with our access to the most up-to-date and detailed intelligence about public and private sector global developments.
DATA BREACH, CRISIS MANAGEMENT, AND RESILIENCE
Data Breach and Crisis Handling: Advising on cyber and data breach incidents, crises, or complaints, how to prevent future incidents, and how to respond appropriately to affected individuals, privacy regulators, and other external stakeholders.
Resilience: Providing Organisational Data Resilience Assessments of resilience maturity, including business continuity and disaster recovery strategies.