Security Control Design and Development

We'll work with you to review, design and develop IT control requirements and supporting frameworks based on validated risks in New Zealand organisations.

The implementation of well structured, clearly defined and operationally relevant controls is critical to the successful management of security across your New Zealand based organisations.

How we can assist:

Appropriate controls within your information and information technology environment decrease the information security risk.

New Zealand cybersecurity services can include support and/or development of the following:

  • IT Controls and Operational Framework
  • Control Registers / Statement of Applicability
  • Selection and mapping of controls from an appropriate recognised industry framework to treat your organisation's assessed information security risks
  • Creation and/or modification of control elements to underpin and support your operational processes

We start by listening.

Frequently Asked Questions

What is a security control framework?

A security control framework is a set of policies, procedures, and guidelines that help an organisation protect its information systems and assets. It provides a structured approach to identify, assess, and manage information security risks.

Why is a security control framework important?

A security control framework is important because it helps an organisation manage its information security risks and ensure the confidentiality, integrity, and availability of its information assets. It provides a systematic approach to identify, assess, and manage risks, and ensures that security controls are in place to protect the organisation's assets.

What are some common security control frameworks?

Some common security control frameworks include ISO 31000, ISO 27001 and PCI DSS.

What is ISO 27001?

ISO 27001 is an international standard for information security management systems (ISMS) developed by the International Organisation for Standardisation. It provides a framework for organisations to establish, implement, maintain, and continually improve their information security management systems.

What is PCI DSS?

PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards developed by major credit card companies to ensure that organisations that process credit card payments maintain a secure environment.

How do organisations implement a security control framework?

Organisations can implement a security control framework by first identifying their information security risks and selecting a framework that is appropriate for their industry and business needs. They can then develop and implement security policies and procedures, perform risk assessments, and establish and monitor security controls to protect their information systems and assets.

Contact us

Speak with a Tesserent
Security Specialist

Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.

Let's Talk
Tess head 8 min