Information Security Management System
ISO 27001 is an International Standard for ‘Information Security’ that specifies requirements for establishing an institution-wide Information Security Management System for the protection of mission-critical processes, core business applications and related technical and financial information assets. This standard provides best security practices that monitor the risks of internal and external threats, deter attacks and interference, and equip the company with a robust contingency plan to limit the damage that may be caused by an inadvertent or malicious incident. The ISO 27001 Information Security framework is well recognized by legal and regulatory authorities, and is demanded and accepted by national and international markets.
ISO 27001 Consulting Services
We have a panel of consultants that includes ISO 27001 Lead Auditors / trainers and IT professionals, possessing more than 25 years of IT and consultancy experience. We guarantee ISO 27001 ISMS compliance and certification to our clients.
Our ISO 27001 services include the following:
ISO 27001 ISMS CONSULTING
Consultancy for ISO 27001 ISMS is the major service, which incorporates the training and auditing services. This turnkey solution is based upon the deployment of our experienced ISO 27001 consultant on the project, who develops the complete documentation and facilitates its implementation until successful ISO 27001 ISMS certification. The key steps of the consultancy process are:
- Gap Analysis of the company against the ISO 27001 ISMS standard requirements
- Training of the management on the ISO 27001 ISMS standard
- Compilation of Information Assets Inventories
- Risk Assessment of Information Assets
- Creation of an ISMS Framework
- Business Continuity Planning (BCP)
- Disaster Recovery Planning (DRP)
- Security Policies and procedures
- Information Security Manual
- Training of company-selected personnel as ‘Internal Security Auditors’ for the ISO 27001 standard
- Internal Security Audit and preparation for the final certification audit
ISO 27001 ISMS TRAINING WORKSHOPS
Awareness and ‘correct’ understanding / interpretation of the ISO 27001 ISMS standard requirements are the key factors in its effective implementation and successful certification. Therefore, comprehensive training workshops on this international security standard are considered vital when undertaking an ISO 27001 implementation project. To suit the needs of differing clients / audiences, the following types of corporate training are offered to interested clients:
Training Workshop 1: Executive Briefing Training Session
This is a 2 / 3 hour executive session specifically devised for the top management of the company. It focuses on the key issues and interests of top management. Following are some of the topics that are addressed in this session:
- Fundamentals of information security
- Why ISO 27001 is essential for Information Security
- ISO 27001 Information Security standard – an overview
- An overview of Information Assets, Risk Assessment, Business Impact Analysis, Business Continuity Planning and Disaster Recovery Planning
- Implementation roadmap for ISO 27001 Information Security standard
- Benefits to the organization
- ISO 27001 certification process
- Costs Involved
Training Workshop 2: Implementing Information security and Achieving ISO 27001 ISMS certification
This is a 2/3 full-day professional training workshop designed for top management, heads of departments and personnel assigned the task of implementing and achieving ISO 27001 ISMS certification for their organization. This training course aims to provide a detailed understanding of the ISO 27001 standard requirements and a proven ISO 27001 project implementation methodology leading to a successful certification. It is highly customized for the client organization with the objective of enabling the participants to implement information security at their organization. Some of the topics it covers:
- Information Security, its importance, fundamentals and basics
- Proven Project Implementation Methodology
- Detailed explanation of the ISO 27001 ISMS Standard requirements and related ‘Security Controls’
- Risk Assessment – Methodology, Identification, Assessment and treatment of risks
- Business Continuity planning (BCP) and Disaster Recovery Planning (DRP)
- Development of Security Policies, Procedures/Systems and their implementation
- Roadmap to successful ISO 27001 certification
Practical Exercise on:
- Information Assets Inventories
- Risk Assessment Plan
- Business Impact Analysis & Risk Assessment of Business Processes
- Business Continuity Plan/Disaster Recovery Plan
This workshop is specifically designed and guaranteed to enable the participants to immediately start the implementation at their organization.
ISO 27001 ISMS AUDITING
This offering ensures compliance of the existing IT environment and its management procedures with the ISO 27001 controls and guidelines for the enterprise security posture.
The auditing service can be acquired in the form of the 3 modules below:
- Gap Analysis: Done while undertaking the ISO 27001 implementation project, to find the gap between the existing system at the company and the requirements for ISO 27001 ISMS certification
- Documentation Audit: Done to verify only the documentation compliance against the requirements of the ISO 27001 standard
- External Pre-Audit: Done before certification to gain assurance over the established ISMS before engaging the certification agency for the final certification audit
All the above audits are done by an experienced ISO 27001 Lead Auditor, followed by an Audit Report detailing the information as per the selected module.
Information Security Manual
It outlines the security policies and gives a brief on the possible information security procedures and mechanisms as per the trade and business operations of the client company.
Documentation for ISO 27001
It includes the development of all the documents and procedures, as per the business/trade of the client company, that are required to comply with this International Standard.
Information Assets Inventories, their Risk Assessment Plan with Risk Treatment Plan
It is done for all the information assets that exist at the client company.
Business Continuity Management including Business Impact Analysis, Risk Assessment of Business Processes and Disaster Recovery Planning
It is done for all the processes at the client company.
These services can be acquired in isolation or in combination depending upon the requirement from the client company.
SUPPORTED COMPLIANCE BENCHMARKS