17/09/2020 by Peter Berry
What does an ISO27001 Health Check involve?
If you want to work towards achieving the ISO27001 standard, a health check is a good place to start.
Meeting the Internal Standards of the Information Security Management System (ISO27001) is about much more than information technology and data; it's an organisation-wide risk management approach to business resilience and continuity. Either applying the principles of the full ISO27001 or being independently certified by an accredited body will result in your business having a competitive advantage, controlling risks rather than worrying about them and knowing your business environment can manage the unexpected.
Beacon Consultant Services will review your organisation's current Information Security Management processes against the requirements of the ISO 27001 Standard. The first step to your ISO 27001 success is a free health check to determine the maturity of your organisation's current approach to Information Security Management. The health check is a self-assessment against the clauses of ISO27001 and will cover:
- Understanding what you need to have in place to satisfy the standards of ISO27001
- Identifying the benefits and opportunities that meeting the standards could bring your organisation
- Helping you to uncover your strengths and weaknesses in managing information securely
- Highlighting risks that need to be addressed to enable your organisation to be resilient against internal & external threats
Following the free health check analysis, we will provide a high-level report with recommendations and a suggested plan of action to address the gaps. There is no obligation to use our services; you could decide to manage the gap closure plan in-house. If you do require our support, we can then discuss a more detailed plan of action which will:
- help establish your organisation's objectives within the scope of an ISMS
- support top management in understanding the leadership requirements for a successful information security management system that is embedded across the organisation
- develop policies and procedures to govern the operation of the ISMS
- train & develop your people's knowledge & skills in information security
- create actions to address risks and set the information security objectives
- build a framework with the organisation to measure and monitor the effectiveness of the ISMS
If you would like to discuss performing a free ISO27001 health check on your organisation, get in touch. This can be done internally as a full self-assessment, or we can support you through the process, again free of charge.