What is ISO 27001?
The official name for ISO 27001 is ISO/IEC 27001:2013.
ISO/IEC 27001:2005 was updated to ISO/IEC 27001:2013 on 25 September 2013.
By using our proven ISMS ISO 27001 preparation methodology, we will help you to get started from ground zero, moving all the way through the ISMS creation process and finally to help you to apply for your ISO 27001 certification.
LGMS consultants are highly experienced in delivering ISO 27001 solutions. We are able to assist you in the implementation of an Information Security Management framework in order to achieve certification to the standard.
This is the first step in our ISO 27001 certification road map. We will analyze your organization's compliance with the ISO 27001 requirements and also investigate the gaps in your defenses against industry best practices. The analysis is performed in the stages listed below:
- Ascertain structure of organization and scope of Information Security (IS) requirement
- Establish the extent of compliance with the mandatory requirements of ISO 27001
- Using the 133 controls listed in ISO 27002 (the Code of Practice) as a framework, identify primary gaps in the information security controls in place within the organization.
- Identify principal information assets and relative value to the business.
- Assess policy / procedural / technical IS improvements that would be necessary to achieve compliance with the ISO 27001 standard.
- Report on findings of gap analysis and make recommendations for remedial action/strategy to achieve compliance with the requirements of ISO 27001.
ISMS Risk Assessment
Each organization faces its own unique mixture of threats and vulnerabilities when it comes to Information Security. A thorough assessment of the potential risks can not only safeguard important and valuable information assets, but also save time and money by avoiding the implementation of unnecessary controls.
To ensure that the analysis is both appropriate and cost-effective, it is important that the focus is centred on the most important information assets, to avoid expenditure on unnecessary controls.
LGMS can help you to reduce your exposure to information security risks by undertaking a thorough risk analysis of your security infrastructure. The detailed assessment of current threats and vulnerabilities balanced against the existing control measures provides a clear indication of where improvements are necessary. Risk management can then be practised to avoid risks wherever possible and to reduce residual risk by introducing appropriate controls.
Two of the largest banks in Malaysia (Maybank and CIMB Bank) engaged LGMS for their ISO 27001 certification requirements, together with a major telecommunication operator, several other major financial institutions and a government agency. LGMS's ISO 27001 implementation and certification success stories demonstrate once again our commitment to delivering world-class security services to our clients.