Security breaches and cyberattacks are on the increase and cost organizations several trillions of dollar every year. This has made cybersecurity a top issue for IT, Security, Legal and the board room. The adoption of ISO 27001 in any Organization is a demonstration of top management commitment to the security of critical information assets within such Organization.
ISO 27001, the international best practice standard for Information Security Management System is the only internationally recognized and trusted information security management standard that can be independently certified to cover People, Process and Technology. The adoption of ISO 27001 also helps organization in demonstrating compliance to legal, regulatory and contractual requirements.
InfoAssure Limited has a team of certified professionals with in-depth knowledge and understanding of the ISO 27001 requirements that will ensure the operationalization of the standards to meet business, legal, contractual and regulatory requirements.
At InfoAssure Ltd, we take pride in our extensive experience and proven competence in providing Business Continuity Management services, in compliance with ISO 22301 standards. With a track record of successful engagements, with organizations within and outside Nigeria, we are your trusted partner in ensuring the resilience and continuity of your business operations.
We have successfully collaborated with organizations, both within and organizations that have expansions outside Nigeria, addressing their unique challenges and helping them achieve ISO 22301 certification. Our reach extends across borders, reflecting our ability to adapt to diverse industries and regulatory environments.
Over the years, we have assisted numerous organizations in implementing ISO 22301, helping them fortify their resilience to disruptions and ensure uninterrupted business operations. Our portfolio includes a diverse range of businesses, from small enterprises to multinational corporations. These successes underscore our capability to tailor Business Continuity Management solutions to meet specific needs, ensuring that organizations of all sizes can navigate disruptions with confidence.
Our team, comprises dedicated professionals with deep expertise in Business Continuity Management and ISO 22301 standards. They possess a profound understanding of the intricacies of business continuity planning, risk assessment, and recovery strategies. We stay at the forefront of industry developments to offer you the most up-to-date and effective solutions
ISO 22301 is more than just certification; it's a commitment to continuous improvement. We work alongside you, to foster a culture of resilience and preparedness, helping your organization adapt and thrive in an ever-evolving business landscape.
When you partner with InfoAssure ltd, you are choosing a trusted ally with a proven record of helping organizations within and outside Nigeria achieve ISO 22301 certification. We are dedicated to your success and will work tirelessly to ensure your business remains resilient in the face of adversity
Contact Us today to learn more about how we can help you safeguard your business operations and ensure your readiness for whatever challenges the future may hold.
ISO 20000 is the international best practice standard for IT Service Management (ITSM) and ensures
that
Organization derives value from IT investments, ensure resources are effectively managed and ensures
that ITSM
processes align with the strategic objective of the business and also align with the requirements of
best
practice.
The adoption of ISO 20000 also ensures that companies can continuously improve the
delivery of
their IT services.
PCI DSS certification which is Payment Card Industry Data Security Standard. It is a set of security standards designed to protect cardholder data. The PCI DSS is administered by the Payment Card Industry Security Standards Council (PCI SSC).
The PCI DSS applies to all organizations that process, store, or transmit payment card data. This includes merchants, payment processors, and service providers.
The PCI DSS has 12 requirements that organizations must meet in order to be compliant. These requirements cover a wide range of security controls, such as:
Organizations that are required to comply with the PCI DSS must undergo a regular assessment, to verify their compliance. These assessments can be conducted by a Qualified Security Assessor (QSA).
The PCI DSS is an important security standard for organizations that process, store, or transmit payment card data. By complying with the PCI DSS, organizations can help to protect cardholder data and reduce their risk of data breaches. ROC (Report of compliance), AOC (Attestation of compliance) and SAQ (Self-assessment questionnaire) are all we issue depending on the PCI level of businesses to merchants or service providers after an Assessment by the QSA.
It's an organization that has been certified by the Payment Card Industry Security Standards Council (PCI SSC) to conduct external vulnerability scans for organizations that are required to comply with the Payment Card Industry Data Security Standard (PCI DSS).
ASV scans are required to be conducted at least once every quarter, specifically to identify and report on vulnerabilities that could be exploited by attackers, to gain access to an organization's payment card data. The results of ASV scans are used by organizations to prioritize remediation efforts and to ensure that they are in compliance with the PCI DSS.
Any organization obligated to adhere to the standard, should contemplate arranging external vulnerability scans through InfoAssure Limited, which maintains a well-established partnership with one of the approved vendors. This will help to protect your payment card data and to demonstrate your compliance with the Regulatory body.
A Data Privacy Impact Assessment (DPIA), also known as a Privacy Impact Assessment (PIA), is a
systematic and
comprehensive assessment of the potential risks and impacts on individuals' privacy resulting from
the
processing of personal data. DPIA is an essential tool for organizations to identify and mitigate
privacy
risks in their data processing activities, ensuring compliance with data protection laws and
regulations.
The purpose of a DPIA is to assess the data processing activities from a privacy perspective,
understand the
potential risks, and take appropriate measures to reduce or eliminate those risks. It allows
organizations to
be proactive in protecting individuals' personal data and demonstrating accountability in their data
processing practices.
In essence, a DPIA is a proactive and essential tool for organizations to assess and manage privacy
risks
associated with their data processing activities. It helps organizations to protect individuals'
privacy
rights, demonstrate compliance, and build trust with their customers and stakeholders.
At InfoAssure Ltd, we are dedicated to helping organizations worldwide achieve ISO 9001 certification and establish a culture of quality excellence. With a strong global footprint and a demonstrated track record, we are your trusted partner for implementing and optimizing ISO 9001 standards.
While we have a deep-rooted presence within Nigeria, our reach extends far beyond borders. We have successfully partnered with organizations, spanning diverse industries and regulatory environments. Our experience equips us with a comprehensive understanding of global best practices in quality management.
Our portfolio includes a multitude of success stories from organizations that have harnessed the power of ISO 9001 to enhance their operations. These success stories reflect the tangible benefits our clients have realized, from streamlined processes to enhanced customer satisfaction, on a global scale.
Global-Quality Experts
Our team comprises seasoned experts in quality management and ISO 9001 standards, capable of
providing guidance and solutions tailored to international contexts. We stay at the forefront of
industry developments to ensure your organization receives cutting-edge advice.
ISO 22301 is more than just certification; it's a commitment to continuous improvement. We work alongside you, to foster a culture of resilience and preparedness, helping your organization adapt and thrive in an ever-evolving business landscape.
When you choose InfoAssure Ltd, you're selecting a partner deeply rooted in Nigeria, with a proven track record of excellence in ISO 9001 Quality Management System implementation. Our experience, coupled with our commitment to competence and customization, positions us as the ideal choice to elevate your organization's quality standards in Nigeria and beyond.
Contact Us today to embark on your journey to ISO 9001 certification and quality leadership, whether you're based in Nigeria or abroad.
ISO 45001 is an international standard that sets the requirements for an Occupational Health and
Safety
Management System (OH&SMS). The standard provides a framework for organizations to identify and
control health
and safety risks, minimize the potential for accidents and injuries, and ensure compliance with
health and
safety regulations. ISO 45001 is designed to help organizations create a safe and healthy working
environment
for employees and other stakeholders.
ISO 45001 is a powerful tool for organizations to systematically manage occupational health and
safety risks,
protect their workforce, and create a safe and healthy work environment.
ISO 27701 is an international standard that provides guidelines for implementing, maintaining, and continually improving a Privacy Information Management System (PIMS) as an extension to ISO 27001, which is a well-known standard for information security management. PIMS focuses specifically on privacy management that aligns with the principles of the General Data Protection Regulation (GDPR) and other data protection regulations including the Nigeria Data Protection Act (NDPA). It addresses the protection of privacy as potentially affected by the processing of PII while giving organizations a competitive edge in the global market with increased customer satisfaction.
InfoAssure Limited has competent and experienced ISO 27701 experts with a track record of supporting organizations to gain international recognition and attain compliance with appropriate controls against data breaches through the diligent adoption of this global best practice standard.
The Nigeria Data Protection Act (NDPA) is a legal framework for the protection of personal information established by NDPC for the regulation of the processing of personally identifiable information (PII) of data subjects and related matters. All organizations that collect, store, and process personal data have been mandated to safeguard this PII in accordance to the NDPA requirements.
InfoAssure Limited is a licensed Data Protection Compliance Organization (DPCO) in active partnership with the Nigeria Data Protection Commission. Our seasoned data privacy and protection consultants have enabled several organizations to implement robust technical and organizational security measures, data audit filing, data protection impact assessment, and privacy by design to ensure the data privacy and protection of Nigerian citizens.
The General Data Protection Regulation (GDPR) is a comprehensive data privacy and protection regulation that played a significant role in inspiring the creation of similar data protection regulations in other parts of the world. GDPR basically is specific to the collection, processing, and transfer of Personal Identifiable Information (PII) of European citizens and non-citizens based in the EU. Its primary purpose is to provide individuals with greater control over their personal data, ensure the security of PII, and harmonize data protection laws across the EU member states.
At InfoAssure Limited, we have a team of highly skilled Certified Data Protection Officers (CDPO) who have the expertise knowledge, and wealth of experience in implementing the requirements of the GDPR (173 Recitals and 99 Articles) across organizations who are data controllers or processors.
28, Obanikoro Street, Obanikoro Estate,
Lagos, Nigeria.
This privacy policy describes InfoAssure Limited’s policies and procedures on the collection, use, as well as disclosure of your information when you subscribe to our services, it tells you how the law protects you and your privacy rights.
Personal Data Collected
We may ask you to provide Us with certain personally identifiable information that can be used to
contact or identify you. Personally, identifiable information may include, but is not limited to:
•
Email address
• Phone number
• Address
•
Name
• Date of Birth
Use of your Personal
Data
The company may use personal data for the following purposes:
• To provide and
maintain our service.
• For the performance of a contract
• To contact you
• To provide you with
news, special offers, and general information
• To manage your requests
Tracking
Technologies and cookies
We use cookies to help you navigate efficiently and perform certain
functions. Tracking technologies used are to improve our service. These cookies will only be stored in
your browser with your prior consent. You can choose to enable or disable some or all of these cookies
but disabling some of them may affect your browsing experience. You will find detailed information about
all cookies under each consent category below:
Types of cookies?
Functionality Cookies
Functional cookies help perform certain
functionalities like sharing the content of the website on social media platforms, collecting feedback,
and other third-party features. The details of cookies that we capture are Browser, Country, Date, Number
of visit times, IP Address, and Referrals.
Necessary Cookies
The cookies that are
categorized as “Necessary” are stored on your browser as they are essential for enabling the basic
functionalities of the site.
Analytics:
Analytical cookies are used to understand how
visitors interact
with the website. These cookies help provide information on metrics such as the number of
visitors, bounce rate, traffic source, etc.
Performance
Performance cookies are
used to understand and analyze the key performance indexes of the website which helps in delivering a
better user experience for the visitors.
Advertisement
Advertisement cookies are used
to provide
visitors with customized advertisements based on the pages you visited previously and to analyze the
effectiveness of the ad campaigns.
Administered by Cookeries
To whom we share your
Personal data:
We share your personal data with Service providers and third-party
organizations (Our Partners) based on the lawful purpose of processing.
Retention of your
personal data
InfoAssure will retain your personal data only for as long as it is necessary
for the purposes set out in this privacy policy. We will retain and use your personal data to the
extent necessary to comply with our legal obligations.
Security of your personal
data
The security of your personal data is important to us and we have processes
and necessary security tools in place to prevent unauthorized access or data breach
Your rights as
a data subject
• Right to be Informed
• Right of Access:
• Right to
Rectification:
• Right to Erasure:
• Right to Data portability:
• Right to Restrict
processing:
• Right to Object:
• Right not to be subjected to a decision based solely on automated
processing
Updates to this privacy policy
We regularly review and, when
appropriate update this privacy policy from time to time as our services and use of personal data evolve.
If we want to make use of your personal data in a way that we have not previously identified, we will
contact you to provide information about this and, if necessary, to ask for your consent. Also, we will
notify you of any changes by posting the new privacy policy on this page.
CONTACT
US
If you have any questions or complaints about our use of your information, we
would prefer you to contact us directly so that we can address your
complaint.
dpo@infoassureltd.com
28, Obanikoro Estate, Obanikoro, Lagos, Nigeria
+234 803 533
8896
This Privacy Notice applies to “INFOASSURE LIMITED's” website inquiry page (www.infoassureltd.com). The privacy of our Users is important to us, and we are committed to safeguarding it. Hence, this Privacy Notice explains the Personal Information and Personally Identifiable Information (PII) that we collect, why we collect it, and what we do with it.
PERSONAL DATA COLLECTED: (NAME, EMAIL ADDRESS AND ALL OTHER PIIs CAPTURED ON OUR DATA COLLECTION POINTS)
Purpose of Processing
We do not carry out automated decision-making on personal data collected. We process personal data based on consent
to:
1. Respond to your inquiries and fulfill your requests.
Retention Period
InfoAssure will retain your personal data only for as long as it is necessary for the purposes set out in this
privacy policy. We will retain and use your personal data to the extent necessary to comply with our legal
obligations.
Further Processing
INFOASSURE LIMITED shall request for data subject consent for additional processing of personal data other than the
lawful purpose of processing stated above.
Kindly refer to our Privacy
Policy for more details on our data privacy and protection culture.
By clicking “OK” you agree that INFOASSURE LIMITED can collect and process your personal data in accordance with
this privacy notice and our
website privacy
policy.
The Board and Management of InfoAssure Limited which operates in the Information technology sector are committed to preserving the confidentiality, integrity and availability of all physical and electronic information assets throughout the organization, in order to preserve its asset, legal, regulatory as well as contractual, compliance and image.
The Information Security Management Systems (ISO 27001) requirements will continue to be aligned with organizational goals and is also intended to be an enabling mechanism for information sharing, electronic operations, and reducing information & Technology related risks to acceptable levels.
InfoAssure Limited is committed to providing quality services to our customers, both internal and external by aligning Information Technology investments with organizational goals. InfoAssure Limited has aligned its processes and operations to the requirements of the ISO27001 standard to ensure, cyber resilience, protection of its information asset and maximization of benefit/returns on IT investments.
It is, therefore, InfoAssure policy to ensure:
Management is committed to the continual improvement of the ISMS in the Organizations.
Breach of the policy or security mechanism may warrant disciplinary measures, up to and including termination of employment/contract as well as legal action in line with the Cybercrime Prohibition Act 2015.
The Board and Management of InfoAssure Limited are fully dedicated to upholding the confidentiality, integrity, and availability of all physical and electronic information assets in the organization. Our commitment is essential to safeguard our assets, adhere to legal and regulatory requirements, meet contractual obligations, and preserve our reputation.
We recognize the significance of the Information Security Management System (ISMS) in accordance with ISO 27001 and the Quality Management System (QMS) aligned with ISO 9001. These integrated systems are instrumental in achieving our organizational objectives, facilitating secure information sharing, optimizing electronic operations, and effectively mitigating information and technology-related risks.
The management is firmly committed to sustaining the excellence of the ISMS and QMS in InfoAssure.
Any breach of this policy, or security mechanisms may result in disciplinary measures; including termination of employment/contract, and legal action in accordance with the Cybercrime Prohibition Act 2015.
This policy statement, reflects our organization's commitment to securing information, delivering high-quality services and continuous enhancement, tailored to the specific context of an IT GRC and Cybersecurity consulting firm. The integration of ISMS and QMS ensures an efficient and effective approach to risk management and fostering confidence among our clients and stakeholders.