GRC – Governance, Risk and Compliance

CEDIA's GRC (Governance, Risk and Compliance) service supports member institutions in strengthening their information security governance by assessing their security maturity level and defining an improvement roadmap.
This service is geared towards institutions seeking to strengthen their security management and align themselves with best practices and national and international regulatory frameworks.
 

How does it work?

The GRC service begins with an assessment of the level of maturity in information security, based on reference frameworks such as:
  • cybersecurity best practices
  • national and international standards (ISO 27001:2022, ISO 22301, EGSI, LOPDP)
  • risk management models.
Based on this diagnosis, gaps and opportunities for improvement are identified, which allows for the construction of a roadmap for strengthening information security for the institution.
The support includes technical advice on topics such as:
  • risk management
  • security policies
  • security governance
  • strengthening of institutional capacities.
 

Benefits:

  • Maturity level assessment: Diagnosis of the current state of information security.
  • Gap identification: Detecting opportunities for improvement in security processes and controls.
  • Improvement roadmap: Strategic plan to strengthen institutional security.
  • Security governance: Support in the structuring of policies and processes.
  • Specialized support: Expert advice on information security.
  • Strengthening institutional capacities: Development of a security-oriented organizational culture.

How to apply?

This benefit can be requested by writing to noc@cedia.org.ec.