Compliance: the issue that isn’t an issue until it becomes the mother of all issues

IT compliance usually refers to two areas: how well a company follows its own rules (internal compliance), and how well a company follows the rules imposed on it by outside groups (external compliance). Both are important and can impose restrictions on a business.
We also help our clients achieve ISO 27001, the only auditable international standard that defines the requirements for an Information Security Management System (ISMS). The standard is designed to ensure the selection of adequate and proportionate IT security controls, and is achieved through the following stages:
- System study and gap analysis
- Risk assessment
- Design an information security management system
- Develop the statement of applicability
- Design and implement policies and procedures
- Internal and pre-certification audits