
ISO 27001

The ISO 27001 standard provides requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS). The establishment and implementation of an ISMS is influenced by the organization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization.

As the ISMS preserves confidentiality, integrity and availability by applying a risk management process, it provides clients and partners with the assurance that risks are adequately managed.

 

CSI guides and assists organisations in establishing and implementing an ISMS as per ISO 27001 to allow for certification.

  1. Complete analysis of the organization as per the Certification Requirement, including but not limited to:
    1. Security posture
    2. Documentation
    3. Policies, procedures, roles & responsibilities
    4. Risk and vulnerability assessment
    5. Risk management
  2. Establish ISMS roadmap and documentation repositories.
  3. Propose and guide the implementation plan, controls as per ISO 27002, vulnerability management, risk management procedures, assignment of responsibilities and training of teams.
  4. Conduct a pre-assessment and internal audit.