ISO27001 – Information Security
We can provide various levels of support for the businesses, who need to have ISO27001 certification. There are two approaches we take to provide support to the businesses.
E2E management – In end-to-end management we provide initial Gap Assessment, discussions, finding the notified / certification body. We provide full end-to-end support and help, which enables organisations to obtain ISO27001 certification and have all the operational activities completed by us.
Using our Assessment, Planning and Improve methodology we can integrate security effectively into businesses. Our consultants have extensive experience in ISO 27001 standard. This ensures that we address our client’s requirements and can provide value added support.
Customize Support/Partial Management –Customize Services enable organisations to gain support as and when required to support existing personnel in their ISO27001 Certification. We often provide an ISO 27001 consultancy service delivering a subset of the controls that range from risk assessments and technical assessments. A partially managed service is useful for companies who may not have experience of the ISO27001 certification process, risk assessment experience or require technical skill requirements.
What we cover – This engagement covers all areas of ISO 27001 that are listed below –
– Company Information Security Policies
– Organization of Information Security
– Human Resource Security
– Asset Management
– Access Control
– Physical and environmental security
– Operation Security
– Communication security
– System acquisition, development and maintenance
– Supplier relationships
– Information security incident management
– Information security aspects of business continuity management
Other Additional Services we can provide – Internal Auditing.