03
Solutions
Information Security & Cybersecurity
Ransomware, denial of service attacks, loss of confidential data and theft of intellectual property are increasing threats.
Solutions
Information Security & Cybersecurity
JASANZ Register
Looking for help with getting certified to management system standards?
JASANZ has a Register of accredited bodies who can help.
Many Australian companies, especially in mining, lag behind their international counterparts when it comes to preparing for threats that are increasing year-on-year.
Critical minerals businesses are especially vulnerable because of their financial and geopolitical value, whether from cyber criminals or state-based threat actors.
That’s why critical minerals businesses should take every measure to adopt rigorous international standards that reduce threats to their business continuity, information security and assets.
The threats and responses coalesce around these three areas.
Business continuity
Smart businesses develop procedures and processes to minimise the impact of risks, crisis and catastrophes. Business continuity planning identifies risks and dangers, reduces the time needed to restore business operations and keeps up with the ever-changing nature of threats and responses.
For stakeholders and investors, having a strong, credible and internationally-accepted business continuity strategy is essential to provide a high level of assurance. Such strategies are codified in international standards.
Information/cyber security
New technologies like cloud computing, big data analytics, autonomous systems, and the Internet of Things (IoT) have made cybersecurity more complex and critical. Businesses that want to protect their assets should adopt innovative and rigorous procedures to ensure their information assets are protected.
Information security management systems (ISMS) are designed to protect the information assets of businesses through strategic orientation, implementation and monitoring of security programs. There are international standards for ISMS, providing solid security frameworks for ensuring the confidentiality, integrity, availability, authenticity, and auditability of critical information assets.
Asset management
Mining industries operate in a business and market environment that has high levels of uncertainty. Remote locations, difficult environments, staffing challenges and complex equipment requirements all add to the unique complexity of managing disparate assets.
Internationally accepted asset management strategies can assist with managing this complexity. To enhance their competitiveness and efficiency and minimise risk, critical mining companies should adopt these proven strategies, methodologies, and processes for managing their assets.
ISO
ISO (International Organization for Standardization) is an international federation of 167 national standards bodies. It brings together experts to develop standards to support innovation and provide solutions to global challenges.
IEC
IEC (International Electrotechnical Commission) is a similar global organisation focused on developing standards for infrastructure and trade in electric and electronic goods.
The standards are internationally accepted and evolve over time to adapt to changing technology and developing threats.
There are discrete international standards for business continuity and asset management.
Due to the rapidly changing nature of information technology and cybersecurity, there are three international standards that cover those areas.
Business continuity
- ISO 22301 — Business continuity
Asset management
- ISO 55001:2014 — Asset management — Management systems — Requirements
Information/cyber security
- ISO/IEC 27001:2013 — Information technology — Security techniques — Information security management systems — Requirements Supported by:
- ISO/IEC 27002:2022 — Information security, cybersecurity and privacy protection — Information security controls
- ISO/IEC TS 27110:2021 — Information technology, cybersecurity and privacy protection — Cybersecurity framework development guidelines
Visit the Guides page to find out more about the specific international standards that are relevant to the critical minerals sector. Attend one of our webinars or events to discover more about the requirements of getting certified. Purchase and access the ISO/IEC standards you want from one of these Australia providers. Select a body, organisation or person accredited by JASANZ to inspect and certify organisations to ISO/IEC standards.
Begin working your way through the ISO certification process, which contains five stages:
- Stage 1 — gap analysis
- Stage 2 — certification documentation
- Stage 3 — developing a management system
- Stage 4 — implementation
- Stage 5 — auditing and ongoing improvements.
Stage 1
gap analysis
The gap analysis is a review of your company against an ISO standard. It identifies gaps in your operations that need improvement to reach certification standard. Once the gap analysis is finalised, your certifier will review the analysis with your management team. The gap analysis will be used as a basis to prepare the compliance documentation.
Stage 2
prepare your documentation to become certified
The documentation sets out your compliance objectives and processes to follow to ensure compliance.
Stage 3
developing a management system
You can modify or create a new management system that aims to ensure compliance measures will become integrated into your business.
Stage 4
implementation
The implementation stage is doing the hard work of embracing the ISO standards so they become integral to your management and operations.
Stage 5
auditing and continual improvements
Auditing is conducted internally and externally. This step is the final one to prove that you have reached and maintained compliance with ISO certification.
01
Risks in
Information Security & Cyber Security
Ransomware, denial of service attacks, loss of confidential data and theft of intellectual property are increasing threats.
02
Benefits of standards in
Information Security & Cyber Security
Mining companies experience many benefits from adopting international management standards.