Information Security to ISO 27001
ISO 27001 is part of a family of International Standards designed to help organisations manage information security risks.
Furthermore, organisations can achieve certification to the standard, providing the added benefit of an independent verification of the system.
The standard is written in the spirit of ‘business risk’; however, part of its complexity is Annex A, which details a variety of controls that can be used to mitigate certain risks. The 2013 revision of ISO 27001 contained 114 controls.
Implementing Information Security to ISO 27001 requires careful planning and control, and our Consultants are trained in Project Management to help you keep things on track.
ISO 27001 Gap Analysis
An ISO 27001 Gap Analysis can be used to check the organisation’s existing information security arrangements against the requirements of ISO 27001 or other Standards.
Our Consultants will produce a report identifying required actions and improvements in order to comply with the standard, which can speed up the implementation process.
Assistance with Tendering and RFPs
Information Security to ISO 27001 is becoming common in the tender process. Often, even ISO 27001-certified companies are asked to provide additional evidence of information security controls.
Our Consultants can help you respond to tenders and advise on information security best practices that will put your organisation ahead of others.
Verifying Existing Controls with Info Sec Audits
Our IRCA-trained lead auditors design effective audit programmes to test and verify information security controls, reporting objective evidence.
Non-conformances are raised and our Information Security Consultants can advise on robust corrective actions to drive continual improvement of the System.
Flexible Consultancy Services
Contact us to discuss how we can help you manage Information Security to ISO 27001.