Operational Strategy and Process

Building solutions that work.

There is nothing so useless as doing efficiently that which should not be done at all

Peter Drucker

A sound strategy, and supporting polices and processes can form the backbone of an effective information security program. However, far too often organizations have reams of documents processes and strategy, none of which can be implemented, or worse, is implemented but does not deliver as promised so goals are not met. As with everything we do, we design strategies and processes that can be implemented and will work as planned. Our teams experience has shown us what works, how it works, and why it works.

Often, we assist organizations with developing strategies and processes following an assessment and/or the identification of systemic issues.

Problems can be identified in a number of ways - security/risk assessments, audits by third parties, securirty incidents, etc.. - Strategies and processes can often form the foundation of the remediation for these issues..

Once a strategy/process has been developed it needs to be implemented. A written process is useless if it is only that. OccamSec can assist in the implementation of strategies and processes to address security problems. Once implemented a review is recommended after a specified period to meausre the solutions effectiveness and make any changes required (given the rapidly changing security landscape modifications are often required to address new threats).

Our services in this area include:

Temporary CSO

ISO 27001 pre certification assessment

Risk assessments


Security policy development and implementation

Enterprise security strategy development

  • About Us

    We are a tier one information security and risk management company. Our goal is to provide our clients with tailored solutions which meet their objectives.

    Our considerable reachback capabilities allows us to ensure clients receive the very best service, with no compromises.

^ Back to Top