The iSecureData system will provide a customized and complete overview of the steps needed to implement the ISMS for businesses and organization. For each step, the system will provide the necessary information and education so that the businesses can implement the step and use the software to document the procedure. However, in some cases businesses will need or prefer outside help for the completion of tasks. This mainly occurs on tasks involving the set up and maintenances of hardware or certain network/database procedures. iSecureData, like traditional ISMS experts and consultants, supervised the implementation and documentation of the action plans and does not directly provide IT services to companies.
However, by using iSecureData, customers will get access to a wide range of experts located in their home city, which have been vetted and approved by iSecureData, to help them with the specific tasks at hand.
The process of accessing local experts is straightforward. Through their portal, firms can see available experts in their location and arrange a consultation and subsequently hire the expert to work on a specific task. Once the task has been completed, data and documentation regarding the task will be entered into the system and firms can move on to the next steps. This process simplifies finding and using the help of knowledgeable and experienced specialists by the businesses and organizations using iSecureData. Based on our research, one of the challenges companies face in the hiring or outsourcing of specific tasks related to their IT infrastructure to freelancers. It is often hard to find the right match of informed and skilled persons with a fair price since companies do not have the time or skillset to filter among the many specialists located in their city. iSecureData will take care of that by vetting each member it includes on its website and ensuring that not only are they familiar with the ISMS protocols, but also understand how the iSecureData system works so that they can implement the task according to the specification required and input the data into the system.
iSecureData will assess qualified individuals and firms which are interested in providing third party services to the customers of the iSecureData system. A contract will be signed with each individual which a percentage of the revenue they receive from direct services or sales to iSecureData customers will be paid to iSecureData stipulated as an ‘agent fee’. This percentage will differ according to the city and market of each individual and will be determined based on the principles of supply and demand. As an example, if iSecureData has a considerable number of customers located in city X but not many qualified specialists, then the agent fee charged from each agent will be very minimal in order to encourage agents to take on more projects. While as in markets where many qualified agents exist, the agent fee will be higher.
Once an expert is approved by the business, they will be included in the database and given access to the portal where clients will be able to contact them. They will receive training on the iSecureData system and must show that they are aware of the latest updates in ISMS and, more specifically, ISO 27001 protocol to the extent which it concerns their duties and services. Experts will receive the request from clients and will negotiate and sign a contract directly with each client. iSecureData will charge no membership fee for including the expert in the database but will renegotiate ‘agent fees’ every six months depending on the market. At the start of the business, experts will be secured in Toronto and Vancouver as two large Canadian cities that will most likely have the highest number of customers using our service.
Some of the experts and firms which will be part of the iSecureData partnership program as:
- Hardware & Software Providers: These include retail stores and online providers of IT equipment and software. In some cases, a provider can be located in a different city but still provide hardware or software to firms and this will be taken account into the database.
- IT System Administrators: Most experts in this field will be individuals which will help with implementing technical aspects for the networks of companies or organization. They organize, install, and support an organization’s computer systems, including local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication systems.
- Data Protection Officer: For larger businesses or organization which handle large amounts of personal data the help of a data protection officer might be needed to make sure that the data subjects (personal data of staff, customers, providers, or other individuals) are in compliance with the data protection rules required by the ISMS.
Information Security Officer: Similar to the data protection officer, this role will be needed in organizations with a vast IT system. The information security officer’s role is to look for threats and establish protocols for identifying and neutralizing them. They also can provide the necessary training to employees to limit the data breach and increase cybersecurity.