Consultancy

Comply with regulation, meet best practice, get measurable benefits from security investments. Security policy and process improvements bring confidence to staff, enabling your organisation to succeed in an ever more competitive world.

ISO 27001 & Security

We can help you build a culture of security at your organisation, ensuring that your critical assets are secured and providing you with a competitive advantage.

Many regulating bodies now cite the standard as their benchmark for prudent and competent practice. Government contracting circles are moving towards ISO27001 becoming a mandated standard.

With this comes increased pressure for organisations to comply, but with the standard’s wide scope, independent, experienced guidance is essential for effective and economical application of the standard.

We can help you reach and comply with ISO27001’s standards. Our offering comprises the following:

  • ISO 27001/2 Gap Analysis
  • ISO 27001 Transition Management

ISO27001 is the international standard for information security. Increasingly, it is a prerequisite for conducting business in many sectors.

By working with Commissum’s experts, you are provided with peace of mind that the rigorous standard has been interpreted, taking into account your organisation’s risk profile and specific requirements.

  • ISO 27001 provides a competitive advantage for you as a differentiating security standard
  • As part of implementing the standard, you’ll understand your organisation's legal requirements and how your organisation can meet them
  • Confidential information is secured through proven controls and an ISMS (Information Security Management System)
  • Your business’ exposure to risk is minimised.

To find out more and see how we could help you meet the global standard for information security, get in touch.

ISO 27001/2 Gap Analysis

Leverage the competitive advantage offered by adopting the global standard for information security at your organisation.

The complexity of ISO 27001 means it often takes an independent eye to fully understand an organisation’s relationship with the standard. Engage with Commissum for your ISO27001/2 Gap Analysis and you receive the sort of insight that can only come from external expertise in the standard.

An ISO27001/2 Gap Analysis with Commissum provides you with:

  • Improvements in security based on industry best practices
  • Achievement and shortfall in ISO 27001 / 2 control areas relevant to your business
  • A plan of activities to help you achieve ISO 27001 compliance
  • Expert comment on formal ISO 27001 certification

This will enable you to make decisions along industry best practice lines for improvement of information security at your organisation.

If you decide to seek out formal certification to ISO 27001, the Gap Analysis identifies areas for remediation, for which Commissum can provide a roadmap to compliance.

Our Approach

The Gap Analysis is an audit, focused on identifying the appropriate implementation of ISO27001 and outlining the improvements required to achieve this.

Our approach covers:

  • A review of information security policy, and advice on agreed scope of the ISMS (Information Security Management System)
  • A risk assessment workshop
  • Collaboration to agree control objectives, producing a Statement of Applicability
  • Review of controls via interview, observation and inspection
  • An Information Security Management status report and findings workshop, at which the gap analysis is agreed
  • A final report with recommendations for improvement and options towards implementation of ISO 27001

ISO 27001 Transition Management

Commissum can manage the process of transitioning to ISO27001, preventing internal staff from being tied up interpreting and implementing the standard and thereby minimising impact on your business.

Establishing an appropriate ISMS (Information Security Management System) as required to reach ISO27001 can be daunting. With our assistance, that needn’t be the case.

By implementing ISO 27001 at your organisation, your confidential information is secured through proven controls, giving you a competitive advantage as the standard increasingly becomes a prerequisite for conducting business. We’ll provide you with:

  • Recommendations on business areas, systems and processes requiring security improvements based on industry best practice
  • Statement of achievement and shortfall in ISO 27001 control areas relevant to the business
  • Roadmap and plan of activities for ISO 27001 compliance
  • Expert comment and advice on seeking formal ISO 27001 certification
  • Ongoing support to establish a formalised ISMS (Information Security Management System)
  • Mentoring and guidance to empower your staff to establish an effective security culture

Our cross-industry experience and collaborative approach enable Commissum to assist your organisation in establishing an Information Security Management Framework appropriate to your business needs.

Our approach includes:

  • A review of business drivers and risk posture of the organisation
  • Collaboration to agree on the scope of the Information Security Management System (ISMS)
  • Identification of business-critical assets & risk assessment against these
  • ISO 27001 Gap Analysis to review controls
  • Information Security Management status report & findings workshop
  • Establishing a roadmap and risk treatment plan including identification of appropriate control objectives
  • Definition of Statement of Applicability
  • Support throughout the process of implementing a programme of improvement to establish a formal ISO 27000-based ISMS

Commissum carried out an Information Security gap analysis for this company against the ISO 27001 and 27002 standards...
