. .

This design element requires flash & JavaScript to be enabled to play. Download the latest version of flash from Adobe.com.

ISO 27001 Security Management Transition

commissum consulting services include audits, security healthchecks, ISO27001 reviews, CLAS consultancy and policy creation and management.

Our security awareness, training and education services allow organisations to enhance their employees' awareness and understanding of information security issues through managed awareness programmes, and delivery of training and educational products.

ISO 27001 Information Security System Transition From commissum

  • Adoption of ISO 27001 is accelerating internationally.
  • Organisations are recognising that from being a discriminator it will soon be a prerequisite to conducting business in many sectors.
  • Alignment with the ISO 27001 standard can be a daunting task.
  • commissum's experienced professionals are able to manage the transition process for you efficiently.

The benefits of commissum managing the process for you include:

  • Knowledge of the standard and the implementation process.
  • Limited disruption to the business.
  • Management controls established in empathy with the values of the business.
  • Certification "right first time" for lower cost.

ISO 27001 Management Transition Issues

Establishing the Information Security Management System (ISMS) necessary to achieve alignment with the ISO 27001 standard can be a daunting task. If done in-house, it is likely to divert significant resources and attention from the tactical demands of security management and administration, and from the business of the organisation in general. If you have decided to seek formal certification, you will wish to adopt a "right first time" approach, as failing to achieve it will not only reflect badly on your business and security management practices, but may also also significantly increase the cost of the process.

The UK Department of Trade and Industry (DTI) has published a roadmap for achieving alignment with ISO 27001. The process is complex, and for efficient and effective implementation it requires experience and knowledge of risk management, and the establishment of security controls and documentation.

Approach

The UK DTI guidance material stresses that an organisation should use risk management techniques to establish the scope and depth of requirement for security controls. Controls and processes must be appropriate to the business. commissum's experienced professionals are able to manage the process for you efficiently, the elements of the approach being:

  • Proven management plans used to conduct assignment.
  • ISO 27001 gap analysis undertaken to establish requirements.
  • Experienced IT Security Manager conducts requirement review and analysis.
  • Definition of control objectives and statement of applicability maps the organisation's security requirements to teh applicable clauses of the standard.
  • Implementation plan drawn up to achieve control objectives.
  • Management of implementation process.
  • Audits conducted to test readiness for independent third-party review by an accredited organisation, leading to formal certification.

ISO 27001 Transition Management Customer Benefits:

Clients benefit from the applied knowledge of experienced commissum professionals:

  • Knowledge of the standard and its implementation process.
  • Limited disruption to the business from day-to-day management of the process.
  • Security management and administration controls established in empathy with the values of the business.
  • Faster and more assured certification (or self-certification) - "right first time" for a lower cost.
  • Assistance in selecting and co-ordinating with an appropriate certification agency.

Icon ISO27001 transition management PDF (43.4 KB)

Get in touch with one of our security consultants today

  • No obligation
  • Expert advice
  • Tailored solutions
"From the start the project went very smoothly despite the short notice. commissum maintained excellent communication throughout ........ their flexibility and responsiveness right up to the end of the project was of great value to us.”

Mr Keith H, Senior Business Manager - UK Local Government