What is ISO 27001?
The official name for ISO 27001 is ISO/IEC 27001:2013.
ISO/IEC 27001:2005 was updated to ISO/IEC 27001:2013 on the 25th of September, 2013.
Using our proven ISMS ISO 27001 preparation methodology, we will help you get started from ground zero, move through the ISMS creation process and, finally, apply for your ISO 27001 certification.
LGMS consultants are highly experienced in delivering ISO 27001 solutions. We can assist you in the implementation of an Information Security Management framework to achieve certification to the standard.
Gap Analysis is the first step in our ISO 27001 certification road map. We analyze not only your organization’s compliance with the ISO 27001 requirements but also the gaps in your defenses relative to industry best practices. The analysis is performed in stages as listed below:
- Ascertain structure of organization and scope of Information Security (IS) requirement
- Establish the extent of compliance with the mandatory requirements of ISO 27001
- Using the 133 controls listed in ISO 27002 (the Code of Practice) as a framework, identify primary gaps in the information security controls in place within the organization.
- Identify principal information assets and relative value to the business.
- Assess policy/procedural/technical IS improvements that would be necessary to achieve compliance with the ISO 27001 standard.
- Report on findings of gap analysis and make recommendations for remedial action/strategy to achieve compliance with the requirements of ISO 27001.
ISMS Risk Assessment
To ensure that the analysis is both appropriate and cost-effective, the focus must be centered on the most critical information assets to avoid expenditure on unnecessary controls.
LGMS can help you to reduce your exposure to information security risks by undertaking a thorough risk analysis of your cyber security infrastructure. The detailed assessment of current threats and vulnerabilities balanced against the existing control measures provides a clear indication of where improvements are necessary. Risk management can then be practiced to avoid risks wherever possible and to reduce residual risk by introducing appropriate controls.
Two of the largest banks in Malaysia (Maybank and CIMB Bank) engaged LGMS for their ISO 27001 certification requirements, together with a major telecommunication operator, several other major financial institutions and a government agency. LGMS's ISO 27001 implementation and certification success stories demonstrate once again our dedicated commitment to delivering world-class security services to our clients.