ISO 27001
Implementation Services
We've helped many organizations align and certify themselves to the ISO27001 Information Security Management Standard. There are many benefits to aligning with or certifying to ISO27001.
Our flexibility and ability to work with many different parts of an organization make us a Trusted Partner of many large companies.
Our methodology is as follows:
Your company your goals and objectives of the ISO27001 Implementation (i.e. Certification, Reductions in Cost, or other) will drive the amount of pre-work to complete. Preparation for an audit will require a much higher degree of rigor than an organization self-selecting alignment with the Information Security Management Standard. As needed, we will partner with your team and your company to identify and prioritize the objectives, seem stakeholder commitment, develop asset inventories, and assist in scoping your environment.
After gathering asset lists, seeking management support, and defining scope we can begin our assessment your environment against the ISO27001 controls. During this phase we will gather the list of gaps which will be the foundation for the risk assessment.
In this phase we’ll focus our conversations and assessment to gaps identified and begin assessing their context to your business, how the gaps impact critical assets, how the gaps might impact strategic goals and objectives. This allows us to begin prioritizing the risks that most relevant to your business.
Here we can begin measuring risk impacts, which risks to accept, avoid, transfer, or mitigate to an acceptable level using Information Security controls.
Based on the outputs from Phase 4 we can begin to manage any risks identified. Whether you transfer the risk via insurance policies, or implement Security Controls we can assist helping to ensure the controls are implemented correctly and risk has been remediated.
For clients seeking to obtain certification, Phase 6 is prepare for the Audit via a readiness review and double-checking all documentation is complete and in place. Phase 7 is the actual audit by a certified external audit firm.
© 2020 - Secureitlab | All Rights Reserved