cyber resilience

Ravinn helps organisations to develop, implement and maintain effective information security programs so they can proactively identify, protect and respond to threats in a continuously evolving cyber risk landscape.

STRATEGY AND RISK

We deliver solutions that are relevant and work for you. 

Our strategy and risk services include:

COMPLIANCE

Our team are experienced in providing practical guidance to meet and maintain compliance across a broad range of standards.

These are including but not limited to: 

GOVERNMENT ACCREDITATION

Government agencies and private organisations that handle Australian Government information must comply with the Information Security Manual (ISM).

To achieve Government accreditation requires the services of an Information Security Registered Assessors Program (IRAP) Assessor.

Ravinn can work with you to ensure that you meet a range of Australian or New Zealand Government requirements for information security, including:

SUPPLY CHAIN RISK MANAGEMENT

Supply chain attacks are increasing in frequency and complexity, proving that no matter how water-tight you think your security is, if your supply chain is weak, you are vulnerable.

We work closely with our clients to thoroughly understand every element of their supply chain, identify vulnerabilities, set the conditions to mitigate risk and enable effective management of the supply chain.

OPERATIONAL TECHNOLOGY

Our intelligence driven and threat focused approach is essential to successfully protect critical infrastructure through several means.

We strongly believe in the benefits of being threat aware and prepared: forewarned is forearmed.

TRAINING AND AWARENESS

We understand the human element and how your people might be exploited, and also what it takes to make them aware and drive a more security aware culture.

Ravinn design and deliver high-impact training and awareness campaigns for organisations of all shapes and sizes, with effective in-built measures of performance and success.

We deliver solutions that are relevant and work for you.

Our strategy and risk services include:

  • Cyber security health checks
  • Security strategy design, development and implementation
  • Security Risk Assessment (cyber, physical and human security)
  • Cyber security for Small and Medium Enterprises (SMEs)

Our team are experienced in providing practical guidance to meet and maintain compliance across a broad range of standards, including but not limited to:

  • ISO27001 Information Security Management System (ISMS)
  • NIST CSF
  • IRAP (ISM/PSPF)
  • ASD Essential 8
  • Queensland Government Information Security Policy (IS18)
  • Cloud Security
  • Australian Energy Sector Cyber Security Framework (AESCSF)
  • RISSB Rail Cyber Security (AS7770:2018)

Government agencies and private organisations that handle Australian Government information must comply with the Information Security Manual (ISM).

To achieve Government accreditation requires the services of an Information Security Registered Assessors Program (IRAP) Assessor. Ravinn can work with you to ensure that you meet a range of Australian or New Zealand Government requirements for information security, including:

  • IRAP/ NZISM certification and accreditation advisory – assistance with understanding and achieving the requirements
  • ISM/ NZISM gap analysis (pre-IRAP assessment)
  • IRAP assessment
  • Defence Industry Security Program (DISP) Advisory services

Supply chain attacks are increasing in frequency and complexity, proving that no matter how water-tight you think your security is, if your supply chain is weak, you are vulnerable.

We work closely with our clients to thoroughly understand every element of their supply chain, identify vulnerabilities, set the conditions to mitigate risk and enable effective management of the supply chain.

  • Supply chain risk assessments
  • Design and development of supply chain risk management frameworks

Our intelligence driven and threat focused approach is essential to successfully protect critical infrastructure through several means.

We strongly believe in the benefits of being threat aware and prepared: forewarned is forearmed.

  • Asset discovery
  • Threat management
  • Vulnerability management
  • AESCSF implementation
  • Rail cyber security expertise

We understand the human element and how your people might be exploited, and also what it takes to make them aware and drive a more security aware culture.

Ravinn design and deliver high-impact training and awareness campaigns for organisations of all shapes and sizes, with effective in-built measures of performance and success.

  • Security awareness training for all staff, business leadership, travel and increased exposure personnel
  • Multi-media security awareness campaigns
  • Measurable security validation exercises (including Phishing campaigns)
  • Scenario based security wargaming exercises to test your readiness
  • Security culture strategies