ISO 27001 Certification

Organizational information security is a key board responsibility. In the information economy, the confidentiality, availability and integrity of corporate information assets and intellectual property are more important for the long-term success of organizations than traditional, physical, tangible assets. Regulatory compliance has an increasingly important role to play, and effective information security is critical to regulatory compliance.

Generically, information security is concerned with the protection of an organization’s information assets against breaches of confidentiality, integrity and availability, and it is usually achieved by applying a suitable set of controls (policies, processes, procedures, structures, software and hardware, etc.). The key challenge is developing all of these into an integrated Information Security Management System (ISMS) that successfully supports the organization’s strategic objectives.

An ISMS is a management system based on a systematic business risk approach to establishing, implementing, operating, monitoring, reviewing, maintaining and improving information security within an enterprise. It is an organizational approach to information security.

ISO 27001 is part of the growing ISO/IEC 27000 family of standards (27001, 27002, 27003, 27004, 27005, 27006), which all integrate together to ensure a reliable and structured ISMS.

  • ISO 27001: The international standard specification for Information Security Management Systems.
  • ISO 27002: The international standard code of practice for information security management, replacing ISO 17799:2005.
  • ISO 27003: The standard that offers guidance for the implementation of an ISMS.
  • ISO 27004: Covers information security management system measurement and metrics.
  • ISO 27005: The independent ISO standard for information security risk management.
  • ISO 27006: The standard for the accreditation of organizations offering ISMS certification.

Why Us?

Certification success guarantee: A key aspect of our ISO 27001 consultancy programme is that we guarantee that our clients will successfully achieve certification within the timeline of the agreed ISO 27001 project. This guarantee, which is of course subject to contract, ensures that we make one of our lead auditors available during the certification exercise (even if the time at which the certification body conducts its audit does not coincide with the completion date of the project) at no additional cost to the bank. This is to ensure that the bank passes the certification audit.

Ongoing costs post certification: We believe that to serve you well, it is of paramount importance that you develop the skills and knowledge necessary to run the ISMS on your own (once certification is achieved), rather than incur the additional cost of buying external support back in to maintain the ISMS.

Therefore our approach has a clear project focus on developing the knowledge and confidence of the staff involved, so that they can implement and, more importantly, maintain an effective ISMS.

Your team will have access to the comprehensive and integrated resources of one of our partners, IT Governance Ltd, UK. These include risk management expertise, technical information security expertise, trainers and training courses, relevant books and tools, and support for IT governance related posts.

Our alliances and team formation (see section 6) have substantial experience in designing and implementing ISO 27001-certified information security management systems, with demonstrable track records.

Benefits:

  • IT and Business Alignment: Because the implementation of ISO 27001 requires the involvement of both business and technical management, greater alignment between Information Technology and the business often results.
  • Business Continuity: Implementation of ISO 27001 ensures a working business continuity management plan is put in place.
  • Marketing Differentiator: Adherence to the standard is often used as a beneficial differentiator in the commercial marketplace, especially for e-channel products and services.
  • Interoperability: Systems from diverse sources are more likely to work correctly together if they follow a common guideline or structure.
  • Management Assurance: Management and others can be more assured of the quality of enterprise security because of the structured approach.
  • Improved Information Security and Risk Reduction: Adopting the ISO 27001 ISMS undoubtedly drives the organizational process and approach to improve security and, ultimately, reduce enterprise information security risk.
  • Due Diligence: Compliance with (or certification for) an international standard such as ISO 27001 can be used to demonstrate due diligence in the bank's approach to information security.
  • Awareness: Greater security awareness within the organization.
© 2012 SMSAM SYSTEMS LTD. All Rights Reserved.