ISO 17799 and ISO 27001 form the International Standard for Information Security Management, ISO 27001 being the implementation standard against which certification is achieved. Activity helps organisations achieve compliance with or certification against this standard. Recent clients that we have helped to achieve ISO 27001 certification include Atos Origin UK, and we have also achieved certification ourselves.
Our services in this area include:
- Gap Analysis. Assessing your information security management system against the requirements of ISO 27001, and providing a plan to achieve compliance.
- Risk Assessment. Developing asset registers and security risk assessments, including the production of the Statement of Applicability (SoA), a key requirement of ISO 27001.
- Policies and Procedures. Authoring security policies and procedures that reflect business practice.
- Security Awareness and Training. Providing security awareness materials and courses, as well as delivering tailored training for security roles.
- Audit. Undertaking audits against ISO 27001, as well as developing, mentoring and training internal audit teams.