PPS Announces Formal Business Continuity Management Practice Area

Hamilton, N.J. (PRWEB) November 27, 2012

Pivot Point Security, a leading information security assessment firm, has formalized practice areas around Business Continuity Management (BCM) and IT Continuity Management (ITCM). These practice areas address the specific needs of a growing number of businesses that are leveraging more formal types of attestation (e.g., ISO 27001, Shared Assessments Program, SOC 2), in order to demonstrate the business continuity and disaster recovery elements that are integral to these standards.

“These practice areas are a natural extension of our work with clients,” explained John Verry, Pivot Point’s “Security Sherpa” and ISO 27001 Certified Lead Auditor. “As Vendor Risk Management programs mature, the continuity elements of Information Security become more critical components of an Information Security Management System. As ISO 27001 is increasingly the most recognized form of Information Security Attestation, utilizing the ISO standards for Business and IT Continuity is a logical evolution for our clients.”

Pivot Point Security’s Business Continuity Planning practice centers on the ISO 22301:2012 [Societal security – business continuity management systems – requirements] standard, which provides certifiable, best-practice guidance on Business Continuity planning. Likewise, the IT Continuity Planning practice is based on the ISO/IEC 27031:2011 [Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity] best-practice guidance.

“The formalization of these Business Continuity Management and IT Continuity Management practices reflects the exponential increase in attestation related projects that Pivot Point is involved in,” said Lisa Zorovich, Pivot Point’s Director of Operations. “Creating formal practice areas helps to both structure and tailor our service offerings to directly address the needs of our clients in financial services, government, healthcare, life sciences, energy/utilities, manufacturing and other verticals.”

For more information about these new Pivot Point Security practice areas and related service offerings, please call 1-888-748-6876 or visit

About Pivot Point Security 
Pivot Point Security delivers maximum levels of objective information security expertise to its diverse client base, spanning market sectors including Nonprofits, Pharmaceuticals, Financials, Telecommunications, and Government. Our policy of not selling product and our absolute focus on our core practice areas ensures the highest possible levels of competence and independence.

From family-run businesses to global enterprises, Pivot Point Security has the right combination of Information Security/Compliance domain expertise, technology industry knowledge and experience, and organizational character to simplify the process of defining and executing on the best course of action — so you can know you’re secure and prove you’re compliant.



About the Author:

John Verry (CISA, 27001 Certified Lead Auditor, CCSE, CRISC) is Pivot Point's resident "Security Sherpa". He is lucky enough to spend most of his day helping clients develop a road map to address security, compliance, and attestation requirements.
