ISO 27001

The pandemic has brought about unexpected results, among them an accelerated pace of digitization due to social distancing requirements and working from home as the default mode. These sudden, albeit evolutionary, changes force organizations to rethink how they handle sensitive data and manage cyber security. After all, more people spending more time on the internet means more risk exposure. ISO 27001 details the requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS).

Key Benefits

Demonstrates that the organization has identified the risks, assessed the implications and put in place systemised controls to limit any damage to the organisation, thereby improving customer and business partner confidence

Synergies with the ISO 22301 business continuity management system for a more robust BCM

Increased business resilience

Compliance with commercial, contractual and legal responsibilities

Stages

Scoping – Determine the scope of the ISMS, including which business units, processes, locations, etc. are to be audited and eventually certified.

Planning – Identify key IT assets and conduct gap analysis and risk assessments to determine the scope of applicability.

Fieldwork – Involve stakeholders in planning the design and implementation processes, using any project management tools such as Agile or Gantt charts. Design and establish relevant documented information. Plan and conduct ISO 27001 related training for staff if required.

Trial & Experimental – Allow processes to run and resolve any issues that crop up after implementation. Monitor whether the controls are working.

Pre-certification – Conduct internal checks such as IT performance review, internal audits and management review.

Getting certified – Engage a certification body to conduct an independent audit.

How can we help you?

Contact us for the following. We can assist you in your ISO 27001 journey even if you are only looking at alignment without certification. We will help you with:

System gap analysis

Consultancy for design & development of controls

Internal audits

ISO 27001 requirements and internal audit training
