Nairobi, Kenya ISO 20000 (ITSMS) Lead Implementer Contact Us April 26, 2021 - April 30 , 2021
8:00 AM - 5:00 PM
UPCOMING EVENT
Business Continuity Training for Equity bank group in Dar Es Salaam Tanzania Nairobi, Kenya ISO 22301 (BCMS) Lead Implementer Contact Us May 24, 2021 - May 28, 2021
8:00 AM - 5:00 PM
UPCOMING EVENT
Risk Management training for UFAA

Our Partners

About Us

Karibu! Datasec Africa

Datasec is a Management Systems Training & Consultancy Firm. We provide creative solutions that meet our client’s expectations while assisting them to realize their business objectives in an efficient and effective manner.

Our team is comprised of professionals who are passionate about Management Systems, highly skilled and experienced. Since Incorporation in 2014, we have proven to be the preferred solutions provider to many organizations across East, Central and Southern Africa.

image

To champion our clients goals with passion and integrity in order to improve and maintain their Information Assets and Management Systems.

image

To become the world’s premier choice for Data Integrity and Management Systems.

image

Reliable, Loyal, Dependable, Consistent, Efficient,
Innovative.

image

We promise,we deliver.

Our Services

Training

Training

Our trainings are accredted by National Industrial Training Authority. We are also a PECB Gold Authorized Partner.

Risk Management

Risk Management

- ISO31000 Foundation - ISO31000 Risk Manager - ISO31000 Lead Risk Manager

Information Security/ Cyber Security

Information Security

We simulate an attempt at breaching your security so that you can fully appreciate the risks and the potential consequences of an intrusion.

General Data Protection Regulation (GDPR)

General Data Protection Regulation

The aim of the GDPR assessment is to evaluate and measure the compliance of your organization towards GDPR requirements.

IT Governance

IT Governance

We provide consultancy services on implementation of ISO 2000 which include training the implementers, and audit.

Payment Card Industry Data Security Standard (PCI-DSS)

PCI-DSS

Maintaining payment security is serious business. It is vital that every entity responsible for the security of cardholder data diligently follows this standards.

Business Continuity & Disaster Recovery

Business Continuity & Disaster Recovery

Every organization needs to be secured towards disruptions, incidents, inside and outside threats.

View all the services that we offer.

We are trusted by major Banks, Telcoms and Governments.

View all the services that we offer.

We are trusted by major Banks, Telcoms and Governments.

Trusted By

Testimonials

The training provided by Datasec is class leading and I like the way their trainers strike a fine balance between theory and practice. Datasec is my go-to consultancy firm.

Lamex Ogweno
Market Risk Manager Equity Bank ,Kenya

PurpleTeam is delighted to have a continued collaboration with Datasec due to their professionalism, technical skills and expertise that is of high standards.

Wangeci Gathua
CEO-Purple Team Cybersecurity Ltd

Datasec provided us with excellent information security training. The team demonstrated their expertise in the banking sector and were highly professional.

Janet Musya
ICT Training Manager, Central Bank of Kenya

Our Team

The Datasec team is comprised of professionals who are passionate about Management Systems, highly skilled and experienced. There is a continuous learning policy for all team members in order to keep up with the changing world of technology. Since the information security environment is very dynamic with new and evolving threats.

Datasec invests heavily on research into challenges and the solutions that would benefit clients based on risk and optimum cost, thus ensuring return on security investment (ROI).

DON'T MISS OUT!

Upcoming Trainings and Events

OUR POLICY

Information Security Policy

The aim of this policy is to define the purpose, direction, principles and basic rules for information security management.

This involves the systematic approach to managing company information so that it remains secure (maintain confidentiality, integrity and availability).

This policy applies to all information, information systems, networks, applications, locations and users of Datasec or supplied under contract to it.

Datasec goals and objectives for information security are aligned with its strategic objectives and
are follows:

Ensure information confidentiality: Restricting data only to those who need access to it.

    • Ensure information integrity: Making sure that the data in an Datasec’s possession is
      accurate, reliable and secured against unauthorized changes, tampering, destruction or
      loss.
    • Ensure availability of information and information processing systems: Provide secure and
      uninterrupted service to customers.
    • Enhance operational efficiency: Ensure that the information security measures adopted do
      not hinder but enhance Datasec’s capacity to provide services.
    • Cost Effectiveness: Ensure that the security measures Datasec chooses to deploy against
      risk are justifiable when measured against the cost of risk being mitigated.
    • Ensure compliance with information security requirements from clients, laws and
      regulations
    • Determine and allocate the resources necessary for the establishment, implementation,
      maintenance and continual improvement of the security management system.
    • Develop and implement a methodology to perform risk assessment and risk treatment.
    • Ensure that nonconformities are corrected, consequences dealt with, root cause
      investigated and dealt with appropriately.
    • Evaluate performance of the information security management system and continually
      improve it to ensure its continuing suitability, adequacy and effectiveness.
 

Leverage agile frameworks to provide a robust synopsis for high level overviews. Iterative approaches to corporate strategy foster collaborative thinking to further the overall value proposition. Impress clients new and existing with elite construction brochures. Impress clients new and existing with elite construction.

Exceptions against individual controls in specific policy domains shall be formally documented, which will include, at a minimum, the following:

  • Justification for the exception;
  • Risk due to the exception;
  • The mitigation controls to manage the risk;
  • The plan of action to manage the risk; and
  • The validity period of the exception.
Contact us

Get in Touch with us