ISO/IEC 27001

General information on ISO / IEC 27001 

ISO 27001 is a standard developed by the International Organization for Standardization (ISO) and describes in detail how to manage corporate information security.

Who is required to have an ISO / IEC 27001 audit? 

ISO/IEC 27001 is optional to implement. But if a company wishes to demonstrate its infosecurity commitment to customers and partners, the ISO/IEC 27001 certificate will prove that information security is organized at a high level and constantly being improved in the company.

How often do you need to have an ISO/ IEC 27001 audit? 

An external audit is required once a year and a witness audit annually after the external audit.

Results of ISO/IEC 27001 compliance certification 

    Completion of an audit report on the current state of ISMS with proposals for elimination of identified nonconformities
    Selection and approval of an information risk management procedure, and preparation of a risk assessment report
    Formulation and approval of a risk management plan
    Design of internal regulatory documents for ISMS support
    Completion of an ISMS internal audit report
    Development of ISMS implementation regulations
    Obtaining an ISO/IEC 27001 compliance certificate

 Stages of service provision 

  • Preparation for a certification audit

    1. Definition and approval of the audit scope2. Conducting an audit of the current state of ISMS● Compliance analysis of existing corporate regulatory and administrative IS documents (policies, regulations and instructions) required by ISO/IEC 27001● Interviewing company employees (third-party, if necessary) within the audit procedure● Analysis of settings, composition and characteristics of hardware and software for information transmission and security3. Conducting information risk analysis4. ISMS regulatory documents development

  • Consulting support for ISMS implementation

     1. Design of internal regulatory documents for ISMS support
    2. Development of project plan packages for ISMS implementation based on existing information systems and business processes
    3. Advisory support for implementation of scheduled ISMS projects
    4. Development of a report based on the results of ISMS implementation analysis

  • Certification audit ISO/IEC 27001

     1. ISMS internal audit report
    ● Development of the ISMS internal audit method
    ● Development of the ISMS internal audit plan
    ● Completion of a report based on the results of the ISMS internal audit
    ● Conducting an ISMS analysis by management staff
    ● Development of implementation regulations
    2. Selection of a certification body
    3. Advisory support for the ISMS certification procedure

The IT Specialist company will efficiently, effectively, and comfortably prepare your company for external certification according to the requirements of the ISO/IEC 27001 standard

Order preparation for ISO/IEC 27001 certification or inquire with us. Our experts will contact you as soon as possible!

Thank you!

We will contact you shortly.

Can't send form.

Please try again later.

Made with