Overview
ISO 27001 enables companies to measure the risks to their
information and ensure that appropriate measures or controls are in
place to protect their business and information assets. Our ISO
27001 compliance services assist an organisation to understand the
gaps in information system controls as per the ISO 27001 control
objectives and provide recommendations to address the gaps. This
will assist an organisation in formulating implementation plans to
achieve ISO 27001 certification.
Scope:
- Understand corporate business and IT process.
- Analyse business and IT risks.
- Map business risk with ISO 27001 controls.
- Select applicable ISO 27001 controls.
Features
Our ISO 27001 service set includes the following:
ISMS Consulting
This service enables customers to select and deploy relevant ISO
27001 controls and best practices within their environment. The
service is offered in a modular form and is customizable to suit
specific needs.
The key modules include:
- Threat & Risk Assessment.
- Creation of ISMS Framework: ISMS design based on ISO 27001 guidelines that are vendor and technology independent.
These modules can be considered in isolation if a certification is not your end goal.
ISMS Implementation
This service provides deployment of the designed ISMS and the complete security solution towards achieving an ISO 27001 certification.
The mandatory modules required for certification are:
- Design & Development of ISMS Controls
- Implementation of ISMS Controls
ISMS Compliance Assessment & Audit
This service ensures compliance of the existing IT environment and its management procedures with the ISO 27001 controls and guidelines for the enterprise security posture. The audit comprises of the following modules:
- ISMS Audit
- Asset Audit
- Security Architecture Audit
- Policy Audit
- Compliance Report
A pre-certification audit that acts as a real-time quality check and provides reassurance prior to the certification audit is also available as a separate service.