ISO/IEC 27001:2013 Audit & Implementation

ISO 27001:2013 has become a prerequisite for participating in any government or international tender. We can help you become ISO 27001:2013 certified by leading certifying bodies.

Deliverables:

  • Identification and establishment of context of the organization (Internal context, external context and risk management context)
  • Identification of all interested parties and their requirements (e.g. clients, partners, suppliers, and shareholders, but possibly also employees’ families, government agencies, local community, media, etc.)
  • Defining interfaces in the ISMS scope (identification and documentation of the interfaces between the activities performed by the organization and the activities that are performed by third parties)
  • Aligning ISMS objectives with company strategy (Determining the information security objectives compatible with the strategic direction of the company)
  • Prepare Audit review sheets/checklists based on various industrial best practices and standards for DC security
  • Review the existing and implemented processes against the audit checklist
  • Review system, application and operating system configurations against audit checklist
  • Understand the vulnerabilities and impact on information
  • Collection of evidence
  • Formulating policy as per ISO 27001 compliance
  • Implementation of ISO 27001 best practices
  • Providing in-house Awareness Training
  • Conducting internal audit & MRM
  • Helping the company implement corrective and preventive actions
  • Hand-holding till final certification from the certifying body
Copyright © 2017 www.isoah.com