What is ISO/ IEC 27001 Compliance?
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) have established the ISO/ IEC 27001 standards which help organizations keep their information assets secure. Using this family of standards helps an organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to it by third parties. It is the best-known standard in the family providing requirements for an information security management system (ISMS)
Our services for ISO/ IEC 27001 compliance
As part of ISO/ IEC 27001 compliance, we assess clients against the 27001 controls, look at their policies and procedures, IT controls, and how they have established their ISMS. We can assist clients with the work needed to improve or establish their ISMS by helping them with creating or improving their policies and procedures, establishing and implementing IT controls, and overall improving their IT security practices. Some of our services are:
- Security Risk Assessment (NIST CSF or ISO/IEC 27001 based)
- Information security program improvement
- Information Security Management System improvement
- Review of policies and procedures
- Creation of policies and procedures as needed
- Review of IT controls and practices.
- Establishing and implementing IT controls as needed.
- Detailed report with findings, feedback and recommendations.