Hot News – Awards

2020-11-30 – Zygma’s CEO, Richard G. Wilsher, is the proud recipient of a Kantara Initiative Exemplary Contribution Award 2020, one of five recipients in this year’s first granting of this recognition.

The Kantara citation reads:
Richard is CEO of Zygma Inc a Kantara Certified Assessor. In 2020 Richard continued to be a regular attendee of IAWG meetings where he always provided insightful comments.  His insights were instrumental in developing feedback to requests for comments on documents from various jurisdictions – the Pan Canadian Trust Framework (PCTF) from the Digital Identification and Authentication Council of Canada (DIACC), NIST SP 800-63 Rev 3 on potential changes that could be included in Rev 4, the European Union eIDAS Regulation, the UK Digital Identity Strategy (DIS) from the UK Government Department for Digital, Culture, Media and Sport (DCMS), the Digital Identity Scotland (DIS) Scottish Attribute Provider Service (SAPS), and the Enterprise Digital Identity Program including Digital Wallet Market Consultation from the Canadian Province of Ontario. Richard was also the key contributor to the development and updating of Kantara IAF documents during 2020 – editor (under a Kantara contract funded by an ID.me donation) the IAWG’s Service Assessment Criteria (SAC) for use by Kantara Accredited Assessors to assess that Services are compliant with the requirements of NIST Special Publication 800-63 Rev 3 Federation Assurance at Level 2 and 3 (FAL2 and FAL3), Authentication Assurance at level 3 (AAL3), and Identity Assurance at level 3 (IAL3); co-editor of the update to the IAF Glossary and Overview; editor in the ARB effort that revised the IAF Service Assessment Handbook, and the editor of the IAF documents which are under the ARB’s control. Richard also contributed to Kantara’s comments on ISO standards drafts“.

Details of all five 2020 awards can be found here.

Richard has previously been recognized by CS1, the USA’s national body participating in ISO JTC 1/SC 27, from which he received an INCITS Technical Excellence award in 2013.

Services

Zygma has provided its services in over twenty countries, to governments, commercial organisations in many sectors, standards bodies, technical specialists and forensic IT specialists.

We cover a wide range of information security topics and have the right understanding and contacts to effectively undertake assignments in our specialist domain.

We address the management, policy, procedural and technical areas of information security, and when necessary work with an international network of partners and associates with whom we can build a team with the requisite competences to fulfil our clients’ requirements.

We work with our clients, not just for them, making sure we understand the client’s context and real needs, rather than ‘drop-forging’ their problem into our solution.

We list below the principal areas in which we are active, but if what you want doesn’t appear here, get in touch with us and we’ll be pleased to respond in terms of your specific requirements.

Zygma - Securing Your Business' Information

An ISMS is built around the requirements of the de facto IT security standard ISO/IEC 27001 “Information security management systems – Requirements”, supported by the Code of practice given in ISO/IEC 27002.

Zygma specializes in the provision of ISMS-related services.

An IT Service Management System is built around the requirements of the standard ISO/IEC 20000-1 “Information security management systems – Requirements”, supported by the guidance given in ISO/IEC 20000-2.

By this term we mean organizational frameworks within which electronic services operate according to defined (usually openly-published) regulations and/or performance and operational criteria, and thereby are trusted by others within the scope of the framework.

Zygma has a well-proven track record in setting up assurance frameworks and understands how to design the processes and procedures necessary to make them operationally effective, not just technically well-specified. This includes aligning such frameworks to International Standards, such as ISO/IEC 17021 and 17065.

We have extensive experience in the development of standards, and can assist standards bodies and other agencies and organizations wanting to develop standards documents.

Zygma can provide an independent perspective on plans, specifications, security systems etc. We can do this by applying formal auditing techniques against a specific standard or audit plan – our specialisms in this regard are in the context of ISO/IEC 20000-1 and 27001, and identity and credential management systems (ICAMs).

We can fulfill needs not readily categorized in the specific areas discussed above.

We’re sure that if you have needs in the information security area we can respond to them. And if we can’t, we’ll tell you straight and help you find someone who can.


Kantara Support

Zygma has unique understanding of the Kantara Initiative’s Identity Assurance Framework (IAF) – Zygma’s CEO, Richard Wilsher, was the principal architect of the IAF and principal author of the Service Assessment Criteria, the Assessor Qualifications and Requirements, and the IAF’s processes.  Our understanding of the IAF is unsurpassed.  Add our auditing capabilities and we are able to offer the complete range of services described here.

Zygma’s Kantara Support Services are offered at Assurance Levels 1, 2 and 3.