Our Work

Government & Public Sector
Division: Risk Management & Compliance

ISO 27001:2013 Information Security Management System (ISMS) Implementation and Certification Consulting Services

Implementation of IMS for government department

Client Requirement

  • The scope of the project covers all departments and units within the government department
  • To establish and implement an Integrated Management System for the client, including the following standards:
      1) Quality Management System ISO 9001:2008
      2) Information Security Management System ISO 27001:2013
      3) Business Continuity Management System ISO 22301:2012

Deliverables

  • SFD Context of organization document
  • Gap Analysis report for ISO 27001
  • IMS Policy and Scope of work Document
  • ISO 9001 Manual
  • Core business processes Documentation
  • IMS Objectives Document
  • Information security asset sheet
  • Risk Assessment Report (ISO 27001, ISO 22301)
  • Business Impact Analysis Report
  • Vulnerability Assessment and Penetration Testing Report
  • Risk Treatment Plan (ISO 22301)
  • Risk Treatment Plan (ISO 27001)
  • SOA for ISO 27001
  • Business Continuity Strategy (ISO 22301)
  • Follow-up implementation actions required from SFD (Report)
  • Business Continuity
  • All mandatory documents and records required for ISO 27001, 9001 and 22301
  • Internal Audit Report
  • Corrective Action and preventive action report
  • Management Review Report
  • Follow-up with Certification Body for certification processes and certification requirements

Business Impact

  • By determining the organization’s progress towards implementing an Information Security Management System (ISMS), the project identified the key baseline controls currently in place, which helps the organization protect its business processes against risks and critical security gaps.